guardicore / labs_campaigns
☆354 Updated 2 years ago
Related projects
Alternatives and complementary repositories for labs_campaigns
- Detecting ATT&CK techniques & tactics for Linux ☆256 Updated 4 years ago
- HASSH is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints… ☆532 Updated 7 months ago
- Code + documentation for the public GreyNoise API ☆313 Updated 3 years ago
- A repo containing tools developed by Carbon Black's Threat Research Team: Threat Analysis Unit ☆230 Updated 3 years ago
- A medium interaction printer honeypot 🍯 ☆201 Updated last year
- A Linux Auditd rule set mapped to MITRE's Attack Framework ☆778 Updated 4 years ago
- Investigate suspicious activity by visualizing Sysmon's event log ☆417 Updated 10 months ago
- Tool Analysis Result Sheet ☆345 Updated 6 years ago
- Information released publicly by NCC Group's Cyber Incident Response Team ☆475 Updated 2 years ago
- Searches For Threat Hunting and Security Analytics ☆239 Updated 3 years ago
- Remote forensics meta tool ☆462 Updated 4 months ago
- SunBurst DGA Decode Script ☆207 Updated 3 years ago
- Test Blue Team detections without running any attack. ☆271 Updated 6 months ago
- Cross-platform Yara scanner written in Go ☆330 Updated last year
- A collection of red team and adversary emulation resources developed and released by MITRE. ☆491 Updated 3 years ago
- This repo contains logstash of various honeypots ☆174 Updated 4 years ago
- Beacon Kibana Executable Report. Aggregates Sysmon Network Events With Elasticsearch and Kibana ☆285 Updated last month
- All sysmon event types and their fields explained ☆536 Updated 2 years ago
- Web app that provides basic navigation and annotation of ATT&CK matrices ☆57 Updated 4 years ago
- Automated Use Case Testing ☆165 Updated 6 years ago
- ☆207 Updated last year
- DejaVU - Open Source Deception Framework ☆400 Updated last year
- Deploy a small, intentionally insecure, vulnerable Windows Domain for RDP Honeypot fully automatically. ☆251 Updated 2 years ago
- A collection of PowerShell modules designed for artifact gathering and reconnaissance of Windows-based endpoints. ☆435 Updated this week
- Documentation of Cortex ☆170 Updated last year
- Python Script to access ATT&CK content available in STIX via a public TAXII server ☆556 Updated 5 months ago
- Main Build directory ☆177 Updated 5 years ago
- Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs ☆718 Updated 4 years ago
- Collecting & Hunting for IOCs with gusto and style ☆238 Updated 3 years ago
- ☆99 Updated 3 years ago