guardicore / labs_campaigns
☆355 Updated 2 years ago
Related projects
Alternatives and complementary repositories for labs_campaigns
- HASSH is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints… ☆533 Updated 8 months ago
- Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an… ☆362 Updated this week
- Tool Analysis Result Sheet ☆345 Updated 6 years ago
- Investigate suspicious activity by visualizing Sysmon's event log ☆417 Updated 11 months ago
- Code + documentation for the public GreyNoise API ☆313 Updated 3 years ago
- Yet Another Yara Automaton - Automatically curate open source yara rules and run scans ☆267 Updated 10 months ago
- RPZ Zone Files to Block DNS-over-HTTPS ☆87 Updated 3 years ago
- Detecting ATT&CK techniques & tactics for Linux ☆256 Updated 4 years ago
- CommunityHoneyNetwork Server ☆39 Updated last year
- This repo contains logstash of various honeypots ☆174 Updated 4 years ago
- ☆99 Updated 3 years ago
- Data exfiltration over DNS request covert channel ☆848 Updated 6 months ago
- Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search ☆431 Updated last week
- Information released publicly by NCC Group's Cyber Incident Response Team ☆474 Updated 2 years ago
- Logging Made Easy ☆706 Updated last year
- Guidance for mitigating obsolete Transport Layer Security configurations. #nsacyber ☆271 Updated 3 years ago
- Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into … ☆775 Updated last year
- Remote forensics meta tool ☆462 Updated 5 months ago
- Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsac… ☆852 Updated 4 years ago
- Main Build directory ☆177 Updated 5 years ago
- Documentation of Cortex ☆170 Updated last year
- Old CIS benchmarks archive ☆161 Updated 4 years ago
- Scripts for comparing Microsoft Windows compliance with the ASD 1709 & Office 2016 Hardening Guides ☆159 Updated 4 years ago
- Cross-platform Yara scanner written in Go ☆330 Updated last year
- Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs ☆718 Updated 4 years ago
- EventList ☆370 Updated 3 years ago
- Warning lists to inform users of MISP about potential false-positives or other information in indicators ☆534 Updated last week
- SunBurst DGA Decode Script ☆207 Updated 3 years ago
- Test Blue Team detections without running any attack. ☆271 Updated 6 months ago