cybersheepdog / Threat-Hunting-Metrics
Threat Hunting is time-consuming enough as it is. Coming up with and tracking metrics to justify your hunt team to the execs often takes time away from your Threat Hunting. I have created this Excel document to help automate as much of that as possible. The Strategic Overview tab is auto-updated based upon what you enter in the Threat Hunts Ta…
☆12 · Updated 2 years ago
Alternatives and similar repositories for Threat-Hunting-Metrics
Users interested in Threat-Hunting-Metrics are comparing it to the repositories listed below.
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation ☆77 · Updated last year
- A Jupyter notebook to assist with the analysis of the output generated by the Volatility memory extraction framework ☆97 · Updated 2 years ago
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements ☆123 · Updated last year
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research… ☆49 · Updated 4 months ago
- Full of public notes and utilities ☆127 · Updated 7 months ago
- Sigma detection rules for hunting with the threathunting-keywords project ☆56 · Updated 7 months ago
- Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac… ☆89 · Updated 2 years ago
- The Threat Actor Profile Guide for CTI Analysts ☆114 · Updated 2 years ago
- Detection Engineering with YARA ☆87 · Updated last year
- This repo is where I store my Threat Hunting ideas/content ☆88 · Updated 2 years ago
- The Linux DFIR Collector is a stand-alone collection tool for GNU/Linux. Dumps artifacts in JSON format with very little impact on the hos… ☆32 · Updated 3 years ago
- Jupyter notebooks for threat hunting ☆59 · Updated 6 months ago
- BlackBerry Threat Research & Intelligence ☆99 · Updated last year
- A repository of my own Sigma detection rules ☆162 · Updated last year
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners ☆108 · Updated 11 months ago
- User Feedback Space of #MitreAssistant ☆37 · Updated 2 years ago
- Repository documenting how Threat Intelligence and/or a Threat Intelligence Platform can prove its value to an organisation ☆52 · Updated 11 months ago
- The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin… ☆155 · Updated 3 years ago
- Sigma rules to share with the community ☆121 · Updated 8 months ago
- Open Threat Hunting Framework ☆118 · Updated 2 years ago
- CarbonBlack EDR detection rules and response actions ☆72 · Updated last year
- Implementation of RITA (Real Intelligence Threat Analytics) in a Jupyter Notebook with an improved scoring algorithm ☆205 · Updated 3 years ago
- (no description) ☆53 · Updated last year
- A collection of various SIEM rules relating to malware family groups ☆70 · Updated last year
- (no description) ☆68 · Updated 2 weeks ago
- Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper ☆115 · Updated last year
- A collection of tips for using MISP ☆74 · Updated 9 months ago
- A really good DFIR automation for collecting and analyzing evidence, designed for cybersecurity professionals ☆157 · Updated 6 months ago
- An open-source Sigma conversion tool built using pySigma ☆139 · Updated last month
- A pySigma wrapper and LangChain toolkit for automatic rule creation/translation ☆84 · Updated 4 months ago