illusconsulting / CDM-Generator

Related projects ⓘ

Alternatives and complementary repositories for CDM-Generator

• SecurityAura / DE-TH-Aura
  Repository where I hold random detection and threat hunting queries that I come up with based on different sources of information (or eve…
  ☆38Updated 2 weeks ago
• Bert-JanP / Sentinel-Automation
  Sentinel Logic Apps/Playbooks to automate enrichment, incident analysis and more.
  ☆75Updated 3 months ago
• msdirtbag / MicrosoftPurpleTeamToolkit
  ☆41Updated 7 months ago
• reversinglabs / reversinglabs-siem-rules
  A collection of various SIEM rules relating to malware family groups.
  ☆62Updated 5 months ago
• Bert-JanP / SecScripts
  Security Scripts and Sources for daily usage.
  ☆48Updated 2 weeks ago
• tsale / EDR-Telemetry-Website
  ☆72Updated this week
• mvelazc0 / msInvader
  M365/Azure adversary simulation tool designed to simulate adversary techniques and generate attack telemetry.
  ☆112Updated this week
• CTI-Driven / Microsoft-ASR-to-MITRE-ATTACK-Mapping-Project
  This project aims to bridge the gap between Microsoft Attack Surface Reduction (ASR) rules and MITRE ATT&CK by mapping ASR rules to their…
  ☆23Updated this week
• 0xAnalyst / DefenderATPQueries
  Hunting Queries for Defender ATP
  ☆73Updated this week
• m4nbat / KustQueryLanguage_kql
  Cyber Defence related kusto queries for use in Azure Sentinel and Defender advanced hunting
  ☆57Updated 3 weeks ago
• msdirtbag / ADXFlowmaster
  ADXFlowmaster helps SecOps teams Threat Hunt suspicious network traffic inside & outside of Azure.
  ☆27Updated 3 weeks ago
• saidhfm / Cloud-Threat-Detection-Lab-AWS
  ☆32Updated last week
• securityjoes / Crowdstrike-Deploy
  The ultimate solution for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.
  ☆22Updated 2 months ago
• curated-intel / The-CTI-Research-Guide
  A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners
  ☆59Updated 3 weeks ago
• gladstomych / AHHHZURE
  AHHHZURE is an automated deployment script that creates a vulnerable Azure cloud lab for offensive security practitioners and enthusiasts…
  ☆101Updated 6 months ago
• cudeso / proof-value-cti
  Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.
  ☆52Updated 3 weeks ago
• Sam0x90 / CB-Threat-Hunting
  CarbonBlack EDR detection rules and response actions
  ☆71Updated 2 months ago
• cudeso / misp2sentinel
  MISP to Sentinel integration
  ☆60Updated this week
• rootsecdev / Presentations
  Presentations from Conferences
  ☆26Updated 2 months ago
• huntresslabs / rogueapps
  When good OAuth apps go rogue. Documents observed OAuth application tradecraft
  ☆43Updated last month
• tidalcyber / cyber-threat-profiling
  A library of reference materials, tools, and other resources to aid threat profiling, threat quantification, and cyber adversary defense
  ☆75Updated 11 months ago
• reprise99 / 4688-sysmon
  ☆48Updated last year
• CrowdStrike / VirtualGHOST
  VirtualGHOST Detection Tool
  ☆87Updated 6 months ago
• ml58158 / Demystifying-KQL
  Content Repo for Demystifying KQL Tutorial Series
  ☆65Updated 2 months ago
• Neo23x0 / Talks
  Slides of my public talks
  ☆46Updated 11 months ago
• PuravsPoint / DecipheringUAL
  This repo aims to help you decipher the UAL from a Digital Forensics & Incident Response (DFIR) perspective. The UAL is the Microsoft 365…
  ☆50Updated 6 months ago
• curated-intel / MOVEit-Transfer
  A repository for tracking events related to the MOVEit Transfer Cl0p Campaign
  ☆67Updated last year
• CTI-Driven / LOLBins
  The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…
  ☆110Updated 7 months ago
• gertjanbruggink / metrics
  This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.
  ☆97Updated this week