dwestgard / threat_hunting_tablesView external linksLinks
Theat hunting notes in flat file format and mapped to MITRE's ATT&CK IDs
☆43Oct 21, 2018Updated 7 years ago
Alternatives and similar repositories for threat_hunting_tables
Users that are interested in threat_hunting_tables are comparing it to the libraries listed below
Sorting:
- ☆10Dec 19, 2017Updated 8 years ago
- ☆13Feb 6, 2018Updated 8 years ago
- Use DNS to hunt for threats including DGAs☆15Jan 4, 2016Updated 10 years ago
- C# Situational Awareness Script☆34Apr 26, 2019Updated 6 years ago
- This repository contains generated contextual data utilized by pyattck.☆19Mar 3, 2025Updated 11 months ago
- Compilation of resources to help with Adversary Simulation automation harness☆100Aug 7, 2020Updated 5 years ago
- Dump LSASS process in Task Manager without triggering Defender.☆18Apr 6, 2023Updated 2 years ago
- ☆14Jun 26, 2020Updated 5 years ago
- ☆42Apr 22, 2021Updated 4 years ago
- LogRM is a post exploitation powershell script which it uses windows event logs to gather information about internal network☆74Jul 9, 2019Updated 6 years ago
- Simple web frontend to an elasticsearch database made for local files indexing☆19Oct 25, 2019Updated 6 years ago
- A CALDERA plugin☆80Updated this week
- A repository that maps API calls to Sysmon Event ID's.☆121Nov 14, 2022Updated 3 years ago
- Understanding ATT&CK Matrix for Enterprise☆79May 16, 2018Updated 7 years ago
- Squirtle the Browser-based NTLM Attack Toolkit☆17Apr 13, 2015Updated 10 years ago
- ☆22Jun 9, 2025Updated 8 months ago
- Standalone Go implementation of Metasploit's "db_nmap" and "db_import" commands.☆19Nov 6, 2024Updated last year
- Quick scan to find live hosts on the network/across networks☆48Jul 4, 2014Updated 11 years ago
- Advanced Persistent Threat Detection Using Network Analysis☆23Feb 28, 2019Updated 6 years ago
- Threat Detection & Anomaly Detection rules for popular open-source components☆53Jul 27, 2022Updated 3 years ago
- A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework☆355Nov 3, 2020Updated 5 years ago
- A curated list of resources to deep dive into the intersection of applied machine learning and threat detection.☆19Sep 23, 2020Updated 5 years ago
- Official Black Hat Arsenal Security Tools Repository☆21Jul 31, 2017Updated 8 years ago
- Helper script for mangling CS payloads☆51May 5, 2019Updated 6 years ago
- Mirror network traffic from one interface to another on Windows☆25Feb 26, 2020Updated 5 years ago
- Reference sheet for Threat Hunting Professional Course☆26Mar 10, 2019Updated 6 years ago
- PowerShell module to play with Kerberos S4U extensions☆23Sep 14, 2017Updated 8 years ago
- Docker Container to deploy Mitre Caldera Automated Adversary Emulation System☆26Sep 26, 2020Updated 5 years ago
- Event Logging is an XML Schema for describing the auditable events generated by computer systems, hardware devices and access control sys…☆25Apr 24, 2025Updated 9 months ago
- Providing timelines based on OSINT Reports☆31Jun 21, 2023Updated 2 years ago
- Repo of python/bash scripts for identifying IoC's in threat feed and other online tools☆26Jul 27, 2020Updated 5 years ago
- GCP and GSUITE security auditing scripts☆27Apr 29, 2024Updated last year
- ☆11Feb 9, 2023Updated 3 years ago
- Presentation Slides☆26Jun 7, 2019Updated 6 years ago
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts☆1,173Jul 26, 2023Updated 2 years ago
- A tool suite for use during system assessments.☆35May 29, 2025Updated 8 months ago
- POC for utilizing wikipedia API for Command and Control☆29Dec 8, 2022Updated 3 years ago
- Apps for Splunk Phantom security automation | Cisco Meraki | Ansible Tower | F5 | A10☆24May 29, 2020Updated 5 years ago
- Repo containing docker-compose files and setup scripts without having to clone the individual reternal components☆112Mar 25, 2021Updated 4 years ago