darkoperator / ThreatHunter-PlaybookLinks
A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns by leveraging Windows Events and Sysmon logs.
☆12Updated 8 years ago
Alternatives and similar repositories for ThreatHunter-Playbook
Users that are interested in ThreatHunter-Playbook are comparing it to the libraries listed below
Sorting:
- ☆30Updated 6 years ago
- PowerShell Memory Pulling script☆19Updated 10 years ago
- FireEye iSIGHT Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform☆16Updated 7 years ago
- This repo is dedicated to all my tricks, tweaks and modules for testing and hunting threats. This repo contains multiple directories whic…☆56Updated 7 years ago
- Generate a histogram of TCP and UDP payload bytes from a pcap file☆24Updated 3 years ago
- ☆13Updated 6 years ago
- Maltego integration of https://haveibeenpwned.com☆61Updated 7 months ago
- Tools for parsing Forensic images☆41Updated 6 years ago
- A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.☆14Updated 7 years ago
- Plugins to add funtionality to ProcDOT. http://www.procdot.com☆24Updated 2 years ago
- An Installation Script for Bro IDS on Debian Based Systems☆20Updated 5 years ago
- Docker container for datasploit framework☆26Updated 8 years ago
- Fast incident overview☆40Updated 8 years ago
- RisingSun: Decoding SUNBURST C2 to identify infected hosts without network telemetry.☆10Updated 4 years ago
- MacOS incident Response Toolkit. Mostly written while stuck on a NJTransit train.☆20Updated 5 years ago
- Gunslinger is used to hunt for Magecart sites using URLScan's API☆31Updated 3 years ago
- ☆53Updated 7 years ago
- Python script to batch query the Tor Relays and Bridges☆36Updated 6 years ago
- Various Python scripts that have come in handy but aren't important enough to get their own repository☆22Updated 4 years ago
- Identify compromised domains or emails. A python based HIBP and HackedEmails wrapper☆38Updated 7 years ago
- A python script to query the MITRE ATT&CK API for tactics, techniques, mitigations, & detection methods for specific threat groups.☆66Updated 6 years ago
- Snort_rules detection bad actors.☆28Updated last year
- Create an incident response triage toolkit for use with Windows or Linux.☆18Updated 5 years ago
- PowerShell script to retreive wifi ESSIDs and Passwords.☆26Updated 8 years ago
- A few transforms and a machine for parsing Nmap XML results☆39Updated 9 years ago
- mindmap created for tools can be used during analysis/investigation☆27Updated 8 years ago
- PurpleSpray is an adversary simulation tool that executes password spray behavior under different scenarios and conditions with the purpo…☆50Updated 6 years ago
- Threat Intel and Incident Reponse☆10Updated 7 years ago
- Batch scripts to capture volatile and log information from a target system☆21Updated 11 years ago
- Yara Scanner For IMAP Feeds and saved Streams☆28Updated 5 years ago