eSentire / iocs
☆15Updated this week
Related projects ⓘ
Alternatives and complementary repositories for iocs
- Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems.☆15Updated last year
- Hundred Days of Yara Challenge☆12Updated 2 years ago
- Placeholder for my detection repo and misc detection engineering content☆43Updated last year
- Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.☆18Updated last year
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.☆27Updated last year
- This repository contains OpenIOC rules to aid in hunting for indicators of compromise and TTPs focused on Advanced Persistent Threat grou…☆21Updated last year
- A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11.☆25Updated 2 years ago
- ☆34Updated last year
- ☆19Updated last year
- ShellSweeping the evil.☆52Updated 4 months ago
- USN Journal full path builder☆36Updated last month
- Modular malware analysis artifact collection and correlation framework☆52Updated 6 months ago
- This is a repo for fetching Applocker event log by parsing the win-event log☆30Updated 2 years ago
- Rapid7 Labs operates as the division of Rapid7 focused on threat research. It is renowned for providing comprehensive threat intelligence…☆46Updated this week
- Library of threat hunts to get any user started!☆40Updated 4 years ago
- ESXi Cyber Security Incident Response Script☆20Updated 2 months ago
- Splunk Technology-AddOn for Aurora Sigma-Based EDR Agent. It helps parse and configure the necessary inputs to neatly consume Aurora EDR …☆13Updated 2 years ago
- Contains compiled binaries of Volatility☆29Updated last month
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.☆21Updated last year
- A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX.☆15Updated 2 weeks ago
- Azure function to insert MISP data in to Azure Sentinel☆30Updated 2 years ago
- Python library to query various sources of threat intelligence for data on domains, file hashes, and IP addresses.☆30Updated last year
- ☆31Updated 2 years ago
- Malformed Access Log to CSV - Convert Web Server Access Logs to CSV☆15Updated 2 months ago
- Jupyter Notebooks for Cyber Threat Intelligence☆35Updated last year
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆68Updated 11 months ago
- Raw data from Threat Intelligence Reports with automatic reports collection and keyword search across thousands of reports☆39Updated this week
- Create a cool process tree like https://twitter.com/ACEResponder.☆34Updated last year
- ☆25Updated 3 years ago
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365☆20Updated last month