cybersheepdog / Threat-Hunting-Metrics
Threat hunting is time-consuming enough as it is. Coming up with and tracking metrics to justify your hunt team to the execs often takes time away from the hunting itself. I have created this Excel document to automate as much of that as possible. The Strategic Overview tab is auto-updated based upon what you enter in the Threat Hunts Ta…
☆12 · Updated 2 years ago
Alternatives and similar repositories for Threat-Hunting-Metrics
Users interested in Threat-Hunting-Metrics are comparing it to the repositories listed below.
- A Jupyter notebook to assist with the analysis of the output generated from the Volatility memory extraction framework. (☆97, updated 2 years ago)
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation. (☆77, updated last year)
- BlackBerry Threat Research & Intelligence. (☆99, updated 2 years ago)
- Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac… (☆89, updated 2 years ago)
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research… (☆51, updated 6 months ago)
- Open Threat Hunting Framework. (☆120, updated 2 years ago)
- Detection Engineering with YARA. (☆87, updated last year)
- Project based on RegRipper, to extract add'l value/pivot points from a TLN events file. (☆88, updated 9 months ago)
- The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin… (☆154, updated 3 years ago)
- The Linux DFIR Collector is a stand-alone collection tool for GNU/Linux. Dumps artifacts in JSON format with very few impacts on the hos… (☆32, updated 3 years ago)
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements. (☆125, updated last year)
- Forensic Artifact Collection Tool Matrix. (☆91, updated last year)
- Remote access and antivirus logging database. (☆44, updated last year)
- Full of public notes and utilities. (☆129, updated 9 months ago)
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners. (☆114, updated last year)
- Sigma detection rules for hunting with the threathunting-keywords project. (☆56, updated 8 months ago)
- Jupyter notebooks for threat hunting. (☆59, updated 8 months ago)
- Implementation of RITA (Real Intelligence Threat Analytics) in a Jupyter notebook with an improved scoring algorithm. (☆208, updated 3 years ago)
- Sigma rules to share with the community. (☆122, updated 10 months ago)
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und… (☆125, updated last year)
- This repo is where I store my threat hunting ideas/content. (☆87, updated 2 years ago)
- Repository documenting how Threat Intelligence and/or a Threat Intelligence Platform can prove its value to an organisation. (☆52, updated last year)
- The Threat Actor Profile Guide for CTI Analysts. (☆115, updated 2 years ago)
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene… (☆94, updated last month)
- VelociraptorMCP is a Model Context Protocol bridge for exposing LLMs to MCP clients. (☆58, updated 3 months ago)
- Jupyter notebooks for Cyber Threat Intelligence. (☆35, updated 2 years ago)
- Forensics artifacts collection. (☆21, updated 4 years ago)