danieleperera / SocAnalystArsenal
Quick SOC L1 ticket structure
☆35Updated 5 years ago
Alternatives and similar repositories for SocAnalystArsenal:
Users that are interested in SocAnalystArsenal are comparing it to the libraries listed below
- Random notes collected on the intertubes relating to DFIR☆32Updated last year
- links collected from SOC Core Skills class☆85Updated 4 years ago
- Cybersecurity Incident Response Plan☆89Updated 4 years ago
- Repository for SPEED SIEM Use Case Framework☆53Updated 4 years ago
- Reference sheet for Threat Hunting Professional Course☆25Updated 6 years ago
- Repo of python/bash scripts for identifying IoC's in threat feed and other online tools☆26Updated 4 years ago
- This is the One Stop place where you can several Detection Rules which can help you to kick start your journey on SIEM, SOC work.☆38Updated 3 years ago
- Resources for SANS CTI Summit 2021 presentation☆102Updated last year
- Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.☆114Updated last year
- Repository resource for threat hunter☆158Updated 6 years ago
- This repo is where I store my Threat Hunting ideas/content☆87Updated last year
- ☆28Updated 4 years ago
- Repository of public reference frameworks for the DFIR community.☆115Updated last year
- A python script to turn Ubuntu Desktop in a one stop security platform. The InfoSec Fortress installs the packages,tools, and resources t…☆54Updated 3 years ago
- Practical Threat Detection Engineering, Published by Packt☆66Updated last year
- Collection of walkthroughs on various threat hunting techniques☆75Updated 4 years ago
- These are open source rules that can be utilized with QRadar to detect various types of threats in the environment.☆54Updated 5 years ago
- Incident response teams usually working on the offline data, collecting the evidence, then analyze the data☆44Updated 3 years ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆108Updated 5 years ago
- A curated list of FOSS software appliances for building a SOC☆18Updated 4 years ago
- Some Threat Hunting queries useful for blue teamers☆125Updated 2 years ago
- Defensive Origins Training Schedule☆38Updated last year
- Three datasets to practice Threat Hunting against.☆43Updated last year
- Script to automate Linux live evidence collection☆27Updated 2 years ago
- SPL cheatsheet for Splunk.☆21Updated 2 years ago
- ☆116Updated last year
- The project was moved here https://github.com/atomic-threat-coverage/atomic-threat-coverage☆24Updated 5 years ago
- Hunt malware with Volatility☆47Updated 10 months ago
- Useful resources about phishing email analysis☆81Updated last month
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents☆39Updated 11 months ago