elastic / security-research

Related projects ⓘ

Alternatives and complementary repositories for security-research

• splunk / security_content_docs
  Contains research.splunk.com site code
  ☆10Updated 7 months ago
• OTRF / notebooks-forge
  A collection of notebooks built for defensive and offensive operations.
  ☆76Updated 4 years ago
• Foundstone / ExpertInvestigationGuides
  Expert Investigation Guides
  ☆50Updated 3 years ago
• ReconInfoSec / rhq
  Recon Hunt Queries
  ☆75Updated 3 years ago
• OTRF / infosec-jupyterthon
  A community event for security researchers to share their favorite notebooks
  ☆106Updated 9 months ago
• Maboalenen / DFIR
  Incident response teams usually working on the offline data, collecting the evidence, then analyze the data
  ☆44Updated 2 years ago
• OTRF / infosec-jupyter-book
  The Infosec Community Definitive Guide to Jupyter Notebooks
  ☆115Updated 4 years ago
• Loginsoft-LLC / threat-detection-rules
  Threat Detection & Anomaly Detection rules for popular open-source components
  ☆50Updated 2 years ago
• HASecuritySolutions / LogCampaign
  Provides detection capabilities and log conversion to evtx or syslog capabilities
  ☆52Updated 2 years ago
• target / huntlib
  A Python library to help with some common threat hunting data analysis operations
  ☆139Updated last year
• MattETurner / DFIRlogbook
  Logbook for Digital Forensics and Incident Response
  ☆49Updated 4 months ago
• remg427 / misp42splunk
  A Splunk app to use MISP in background
  ☆109Updated 3 weeks ago
• ashwin-patil / threat-hunting-with-notebooks
  Repository with Sample threat hunting notebooks on Security Event Log Data Sources
  ☆58Updated last year
• meirwah / awesome-malware-analysis
  A curated list of awesome malware analysis tools and resources
  ☆77Updated 8 years ago
• ForensicArtifacts / artifacts-kb
  Digital Forensics Artifacts Knowledge Base
  ☆75Updated 6 months ago
• davidpany / CDPO
  CDPO is a tool to validate, de-duplicate, combine, query, and encrypt track data recovered from a breach.
  ☆15Updated 7 years ago
• The-DFIR-Report / cyberchef-recipes
  ☆18Updated 2 years ago
• shr3ddersec / ThreatHunting
  Reference sheet for Threat Hunting Professional Course
  ☆25Updated 5 years ago
• guardsight / gsvsoc_cybersecurity-incident-response-plan
  Cybersecurity Incident Response Plan
  ☆87Updated 4 years ago
• annamcabee / Mitre-Attack-API
  Python module to interact with the MITRE attack framework via the MITRE API
  ☆73Updated 7 years ago
• randomuserid / Tylium
  Primary data pipelines for intrusion detection, security analytics and threat hunting
  ☆86Updated 2 years ago
• clausing / scripts
  ☆43Updated last month
• philhagen / for572-scripts
  A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis
  ☆23Updated 4 months ago
• ReconInfoSec / velociraptor-to-timesketch
  ☆1Updated last month
• bromiley / olaf
  Office365 Log Analysis Framework
  ☆81Updated 5 years ago
• joshlemon / DFIR-Reference-Frameworks
  Repository of public reference frameworks for the DFIR community.
  ☆109Updated last year
• P4T12ICK / Sigma-Rule-Repository
  Sigma Detection Rule Repository
  ☆85Updated 4 years ago
• Velocidex / velociraptor-docs
  Documentation site for Velociraptor
  ☆37Updated this week
• correlatedsecurity / SPEED-SIEM-Use-Case-Framework
  Repository for SPEED SIEM Use Case Framework
  ☆52Updated 4 years ago
• randomuserid / Baltar
  Searches for Insider Threat Hunting
  ☆30Updated 5 years ago