Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proactively identify, engage and prevent cyber threats denying or mitigating potential damage to the organization.
☆90Sep 16, 2023Updated 2 years ago
Alternatives and similar repositories for AIMOD2
Users that are interested in AIMOD2 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"☆11Feb 6, 2025Updated last year
- Execute embedded Mimikatz☆13Nov 24, 2021Updated 4 years ago
- Converts Sigma detection rules to a Splunk alert configuration.☆12Jul 1, 2021Updated 4 years ago
- Cmdlets for capturing Windows Events☆14Mar 11, 2022Updated 4 years ago
- Splunk Add-on for PowerShell provides field extraction for PowerShell event logs.☆17Feb 1, 2021Updated 5 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Osquery Packs we use for customer security hardening☆12Jun 30, 2025Updated 10 months ago
- A repository of my own Sigma detection rules.☆165Nov 25, 2025Updated 5 months ago
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.☆161Apr 6, 2025Updated last year
- ☆34Jun 13, 2023Updated 2 years ago
- ADXFlowmaster helps SecOps teams Threat Hunt suspicious network traffic inside & outside of Azure.☆39Oct 30, 2024Updated last year
- IATelligence is a Python script that will extract the IAT of a PE file and request GPT to get more information about the API and the ATT&…☆384Dec 9, 2022Updated 3 years ago
- Custom Splunk search command to reconstruct a pstree from Sysmon process creation events (EventCode 1)☆24Mar 30, 2026Updated last month
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆209Jul 21, 2022Updated 3 years ago
- The Intelligent Process Lifecycle of Active Cyber Defenders☆34Jan 1, 2023Updated 3 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆97May 28, 2023Updated 2 years ago
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.☆54Oct 23, 2024Updated last year
- A repository to share publicly available Velociraptor detection content☆203Updated this week
- Notes on responding to security breaches relating to Azure AD☆123Mar 14, 2022Updated 4 years ago
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders☆1,071Oct 5, 2023Updated 2 years ago
- Default Detections for EDR☆97Feb 20, 2024Updated 2 years ago
- The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifa…☆653May 11, 2026Updated last week
- General Content☆27Dec 23, 2025Updated 5 months ago
- This repository is used by FalconForce to release parts of the internal tools used for maintaining, validating and automatically deployin…☆17Mar 10, 2023Updated 3 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- The Threat Actor Profile Guide for CTI Analysts☆120Jul 15, 2023Updated 2 years ago
- BlackBerry Threat Research & Intelligence☆99Oct 20, 2023Updated 2 years ago
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners☆120Oct 29, 2024Updated last year
- ☆159Nov 26, 2023Updated 2 years ago
- Cybersecurity Incidents Mind Maps☆34Sep 29, 2021Updated 4 years ago
- Misc Threat Hunting Resources☆379Jan 26, 2023Updated 3 years ago
- Repository of public reference frameworks for the DFIR community.☆122Jul 4, 2023Updated 2 years ago
- A collection of companies that disclose adversary TTPs after they have been breached☆300May 11, 2026Updated 2 weeks ago
- Detect Tactics, Techniques & Combat Threats☆2,292Apr 29, 2026Updated 3 weeks ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365☆790Oct 29, 2022Updated 3 years ago
- This tool parses Windows EVTX logs to extract login and logout sessions from a security.evtx file. It uses a Tkinter GUI to let you selec…☆31Feb 22, 2025Updated last year
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters …☆315May 16, 2026Updated last week
- Extract C2 Traffic☆255Nov 25, 2024Updated last year
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).☆814Jan 14, 2026Updated 4 months ago
- ☆225Sep 8, 2022Updated 3 years ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.☆32Nov 23, 2025Updated 6 months ago