dirtyfilthy / siem-from-scratch
SIEM-From-Scratch is a drop-in ELK based SIEM component for your Vagrant infosec lab
☆37Updated 4 years ago
Related projects: ⓘ
- These are some of the commands which I use frequently during Malware Analysis and DFIR.☆25Updated 8 months ago
- Sharing Threat Hunting runbooks☆24Updated 5 years ago
- Notebooks created to attack and secure Active Directory environments☆27Updated 4 years ago
- Send High & New Incidents to The Hive incident management Platform☆17Updated 3 years ago
- Automatic detection engineering technical state compliance☆49Updated 2 months ago
- ☆56Updated this week
- A CALDERA plugin for autonomous incident response☆23Updated 7 months ago
- ☆20Updated this week
- A few quick recipes for those that do not have much time during the day☆21Updated 3 weeks ago
- PSAttck is a light-weight framework for the MITRE ATT&CK Framework.☆38Updated 2 years ago
- A MITRE ATT&CK Lookup Tool☆41Updated 4 months ago
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆72Updated 2 years ago
- THOR Thunderstorm Collectors☆24Updated last week
- ☆15Updated 2 years ago
- IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.☆34Updated 2 years ago
- See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)☆102Updated last year
- Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…☆14Updated 4 years ago
- Powershell / C# based cross platform forensic framework based for live incident response☆21Updated 4 years ago
- Creates an ATT&CK Navigator map of an Adversary Emulation Plan☆16Updated 3 years ago
- A collection of scripts for the purpose of gathering open source intelligence, to be presented at GrayHat, BSides Denver, and Information…☆24Updated 3 years ago
- Acheron is a RESTful vulnerability assessment and management framework built around search and dedicated to terminal extensibility.☆30Updated last year
- Generic Signature Format for SIEM Systems☆14Updated 2 years ago
- Bloodhound Portable for Windows☆51Updated last year
- Build a domain with three quick PowerShell scripts!☆28Updated 4 years ago
- pollen - A command-line tool for interacting with TheHive☆34Updated 5 years ago
- Windows Security Logging☆43Updated 2 years ago
- A simple ReST server to lookup threat actors (by name, synonym or UUID) and returning the corresponding MISP galaxy information about the…☆47Updated 9 months ago
- Cypher for Defenders: Leveraging Bloodhound Data Beyond the UI☆25Updated 7 months ago
- THOR MITRE ATT&CK Framework Coverage☆24Updated 4 years ago
- ☆33Updated 3 years ago