cybersheepdog / Threat-Hunting-Metrics
Threat Hunting is time-consuming enough as it is. Coming up with and tracking metrics to justify your hunt team to the Execs often takes time away from your Threat Hunting. I have created this Excel document to help automate as much of that as possible. The Strategic Overview tab is auto-updated based upon what you enter in the Threat Hunts Ta…
☆11 · Updated last year
Related projects
Alternatives and complementary repositories for Threat-Hunting-Metrics
- Sigma detection rules for hunting with the threathunting-keywords project ☆47 · Updated 3 weeks ago
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners ☆59 · Updated 3 weeks ago
- Repository documenting how Threat Intelligence and/or a Threat Intelligence Platform can prove its value to an organisation. ☆52 · Updated 3 weeks ago
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research… ☆27 · Updated last month
- A collection of various SIEM rules relating to malware family groups. ☆62 · Updated 5 months ago
- Remote access and Antivirus Logging Database ☆41 · Updated 6 months ago
- Detection of obfuscated PowerShell commands ☆54 · Updated last year
- A collection of tips for using MISP. ☆74 · Updated 7 months ago
- The ultimate solution for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform. ☆22 · Updated 3 months ago
- Detection Engineering with YARA ☆85 · Updated 10 months ago
- BlackBerry Threat Research & Intelligence ☆93 · Updated last year
- Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specifically designed to autom… ☆44 · Updated 7 months ago
- ☆19 · Updated last year
- User Feedback Space of #MitreAssistant ☆37 · Updated last year
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation ☆75 · Updated 6 months ago
- ☆57 · Updated 3 weeks ago
- Tools and scripts to deploy and manage OpenRelik instances ☆10 · Updated 3 weeks ago
- A dataset containing Office 365 Unified Audit Logs for security research and detection ☆48 · Updated 2 years ago
- Scripts to integrate DFIR-IRIS, MISP and TimeSketch ☆31 · Updated 2 years ago
- ☆83 · Updated 3 months ago
- Forensics scripts aimed at automating & enhancing the Forensics Legend Eric Zimmerman's techniques, integrating the statistical detection… ☆16 · Updated last year
- Project based on RegRipper, to extract additional value/pivot points from TLN events file ☆76 · Updated last week
- Python client for DFIR-IRIS ☆20 · Updated 3 months ago
- This repository contains supplemental items including IOCs and signatures discussed in Huntress blog posts and other media. ☆29 · Updated last week
- Logbook for Digital Forensics and Incident Response ☆49 · Updated 4 months ago
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements ☆116 · Updated 11 months ago
- Capture. Detonate. Collect ☆14 · Updated 2 months ago
- Memory Baseliner is a script that can compare two Windows memory images or perform frequency of occurrence / data stacking analysis on mu… ☆49 · Updated last year
- Random notes collected on the intertubes relating to DFIR ☆32 · Updated last year
- Simple web app for converting Sigma rules into SIEM queries using the pySigma library ☆47 · Updated last year