darkoperator / ThreatHunter-PlaybookLinks
A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns by leveraging Windows Events and Sysmon logs.
☆12Updated 8 years ago
Alternatives and similar repositories for ThreatHunter-Playbook
Users that are interested in ThreatHunter-Playbook are comparing it to the libraries listed below
Sorting:
- RisingSun: Decoding SUNBURST C2 to identify infected hosts without network telemetry.☆10Updated 4 years ago
- ☆30Updated 6 years ago
- This repo is dedicated to all my tricks, tweaks and modules for testing and hunting threats. This repo contains multiple directories whic…☆56Updated 7 years ago
- FireEye iSIGHT Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform☆16Updated 6 years ago
- Gunslinger is used to hunt for Magecart sites using URLScan's API☆31Updated 3 years ago
- PowerShell Memory Pulling script☆19Updated 10 years ago
- MacOS incident Response Toolkit. Mostly written while stuck on a NJTransit train.☆20Updated 5 years ago
- Create an incident response triage toolkit for use with Windows or Linux.☆18Updated 5 years ago
- Generate a histogram of TCP and UDP payload bytes from a pcap file☆24Updated 3 years ago
- A simple tool to detect NBT-NS and LLMNR spoofing (and messing with them a bit)☆36Updated 6 years ago
- ☆16Updated 2 months ago
- A script for generating custom passphrase lists to be used for password cracking with hashcat rules☆80Updated 7 years ago
- Maltego integration of https://haveibeenpwned.com☆61Updated 5 months ago
- ☆33Updated 7 months ago
- Various Python scripts that have come in handy but aren't important enough to get their own repository☆22Updated 4 years ago
- Fast incident overview☆40Updated 8 years ago
- Lootbox downloads open directories shared on Twitter.☆34Updated 4 years ago
- Threat Intel and Incident Reponse☆10Updated 6 years ago
- mindmap created for tools can be used during analysis/investigation☆27Updated 8 years ago
- A few transforms and a machine for parsing Nmap XML results☆38Updated 9 years ago
- Python script to batch query the Tor Relays and Bridges☆36Updated 6 years ago
- DeployREMnux is a Python script that will deploy a cloud instance of the public REMnux distribution in the Amazon cloud (AWS).☆16Updated 5 years ago
- Security Operations Center Multiple Purpose Tool, takes IP address input, conducts OSINT, conducts splunk, bro, fireeye, imperva, and fir…☆21Updated 8 years ago
- Universal Radio Hacker: investigate wireless protocols like a boss 📡😎☆17Updated 5 years ago
- NetRipper - Smart traffic sniffing for penetration testers☆17Updated 10 years ago
- ☆53Updated 7 years ago
- A bunch of scripts I use to work with urlscan.io☆34Updated 5 years ago
- A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.☆14Updated 7 years ago
- Web Filter External Enumeration Tool (WebFEET)☆77Updated 11 years ago
- ☆82Updated 5 years ago