Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proactively identify, engage and prevent cyber threats denying or mitigating potential damage to the organization.
☆90Sep 16, 2023Updated 2 years ago
Alternatives and similar repositories for AIMOD2
Users that are interested in AIMOD2 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"☆11Feb 6, 2025Updated last year
- Execute embedded Mimikatz☆13Nov 24, 2021Updated 4 years ago
- Converts Sigma detection rules to a Splunk alert configuration.☆12Jul 1, 2021Updated 4 years ago
- Cmdlets for capturing Windows Events☆14Mar 11, 2022Updated 4 years ago
- Splunk Add-on for PowerShell provides field extraction for PowerShell event logs.☆17Feb 1, 2021Updated 5 years ago
- Forensics scripts aimed at automating & enhancing the Forensics Legend Eric Zimmerman's techniques, integrating the statistical detection…☆18Sep 7, 2023Updated 2 years ago
- Osquery Packs we use for customer security hardening☆12Jun 30, 2025Updated 8 months ago
- A repository of my own Sigma detection rules.☆164Nov 25, 2025Updated 3 months ago
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.☆162Apr 6, 2025Updated 11 months ago
- ☆34Jun 13, 2023Updated 2 years ago
- ADXFlowmaster helps SecOps teams Threat Hunt suspicious network traffic inside & outside of Azure.☆39Oct 30, 2024Updated last year
- IATelligence is a Python script that will extract the IAT of a PE file and request GPT to get more information about the API and the ATT&…☆383Dec 9, 2022Updated 3 years ago
- Custom Splunk search command to reconstruct a pstree from Sysmon process creation events (EventCode 1)☆24Mar 3, 2023Updated 3 years ago
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆209Jul 21, 2022Updated 3 years ago
- The Intelligent Process Lifecycle of Active Cyber Defenders☆33Jan 1, 2023Updated 3 years ago
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆97May 28, 2023Updated 2 years ago
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.☆53Oct 23, 2024Updated last year
- A repository to share publicly available Velociraptor detection content☆196Mar 15, 2026Updated last week
- Notes on responding to security breaches relating to Azure AD☆122Mar 14, 2022Updated 4 years ago
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders☆1,062Oct 5, 2023Updated 2 years ago
- The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifa…☆648Nov 7, 2025Updated 4 months ago
- General Content☆27Dec 23, 2025Updated 3 months ago
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners☆117Oct 29, 2024Updated last year
- This repository is used by FalconForce to release parts of the internal tools used for maintaining, validating and automatically deployin…☆18Mar 10, 2023Updated 3 years ago
- The Threat Actor Profile Guide for CTI Analysts☆117Jul 15, 2023Updated 2 years ago
- BlackBerry Threat Research & Intelligence☆100Oct 20, 2023Updated 2 years ago
- ☆160Nov 26, 2023Updated 2 years ago
- Cybersecurity Incidents Mind Maps☆34Sep 29, 2021Updated 4 years ago
- A collection of companies that disclose adversary TTPs after they have been breached☆289Mar 14, 2026Updated last week
- Misc Threat Hunting Resources☆377Jan 26, 2023Updated 3 years ago
- Repository of public reference frameworks for the DFIR community.☆122Jul 4, 2023Updated 2 years ago
- Detect Tactics, Techniques & Combat Threats☆2,269Jan 21, 2026Updated 2 months ago
- A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365☆790Oct 29, 2022Updated 3 years ago
- This tool parses Windows EVTX logs to extract login and logout sessions from a security.evtx file. It uses a Tkinter GUI to let you selec…☆31Feb 22, 2025Updated last year
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters …☆304Updated this week
- Extract C2 Traffic☆254Nov 25, 2024Updated last year
- ☆225Sep 8, 2022Updated 3 years ago
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).☆806Jan 14, 2026Updated 2 months ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.☆32Nov 23, 2025Updated 4 months ago