darkoperator / ThreatHunter-PlaybookLinks
A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns by leveraging Windows Events and Sysmon logs.
☆12Updated 8 years ago
Alternatives and similar repositories for ThreatHunter-Playbook
Users that are interested in ThreatHunter-Playbook are comparing it to the libraries listed below
Sorting:
- Threat Intel and Incident Reponse☆10Updated 7 years ago
- ☆30Updated 6 years ago
- This repo is dedicated to all my tricks, tweaks and modules for testing and hunting threats. This repo contains multiple directories whic…☆56Updated 7 years ago
- Create an incident response triage toolkit for use with Windows or Linux.☆18Updated 5 years ago
- PowerShell Memory Pulling script☆19Updated 10 years ago
- Bluewall is a firewall framework designed for offensive and defensive cyber professionals.☆106Updated 6 years ago
- A simple tool to detect NBT-NS and LLMNR spoofing (and messing with them a bit)☆36Updated 6 years ago
- Security Operations Center Multiple Purpose Tool, takes IP address input, conducts OSINT, conducts splunk, bro, fireeye, imperva, and fir…☆21Updated 8 years ago
- FireEye iSIGHT Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform☆16Updated 6 years ago
- RisingSun: Decoding SUNBURST C2 to identify infected hosts without network telemetry.☆10Updated 4 years ago
- A python script to query the MITRE ATT&CK API for tactics, techniques, mitigations, & detection methods for specific threat groups.☆66Updated 6 years ago
- A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.☆14Updated 7 years ago
- Identify compromised domains or emails. A python based HIBP and HackedEmails wrapper☆39Updated 6 years ago
- mindmap created for tools can be used during analysis/investigation☆27Updated 8 years ago
- Generate a histogram of TCP and UDP payload bytes from a pcap file☆24Updated 3 years ago
- A few scripts I put together for testing purposes and to automate a few capabilities while doing IR. These scripts are also part of my bl…☆55Updated 7 years ago
- Python-based CLI Password Analyser (Reporting Tool)☆32Updated 4 years ago
- MacOS incident Response Toolkit. Mostly written while stuck on a NJTransit train.☆20Updated 5 years ago
- A script for generating custom passphrase lists to be used for password cracking with hashcat rules☆80Updated 7 years ago
- A bunch of scripts I use to work with urlscan.io☆34Updated 5 years ago
- ☆18Updated last year
- Indices for courses in SANS' Network Security Operations curriculum☆16Updated 9 years ago
- Linux setup tool for Kali Linux☆79Updated 7 years ago
- Plugins to add funtionality to ProcDOT. http://www.procdot.com☆23Updated 2 years ago
- Collection of scripts and tools that I created to aid in my testing.☆14Updated 3 years ago
- Gunslinger is used to hunt for Magecart sites using URLScan's API☆31Updated 3 years ago
- Various Python scripts that have come in handy but aren't important enough to get their own repository☆22Updated 4 years ago
- A few transforms and a machine for parsing Nmap XML results☆39Updated 9 years ago
- Python script to batch query the Tor Relays and Bridges☆36Updated 6 years ago
- ☆13Updated 6 years ago