intelshare / What_is_this_forum
Sometimes, threat feeds share critical information with certain details blurred, which is a good practice. However, CTI analysts still need to investigate further, especially when their bosses request it. These threat feeds often refer to sources using terms like "hacker forum" or "underground forum" without specifying names.
☆12 Updated 4 months ago
Alternatives and similar repositories for What_is_this_forum
Users that are interested in What_is_this_forum are comparing it to the libraries listed below
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners ☆115 Updated last year
- The Threat Actor Profile Guide for CTI Analysts ☆116 Updated 2 years ago
- This tool parses Windows EVTX logs to extract login and logout sessions from a security.evtx file. It uses a Tkinter GUI to let you selec… ☆31 Updated 11 months ago
- Cyber Underground General Intelligence Requirements ☆97 Updated last year
- Repository for sharing examples of our artifacts data and for use in new analyst recruitment. ☆108 Updated 9 months ago
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und… ☆126 Updated last year
- CarbonBlack EDR detection rules and response actions ☆73 Updated last year
- R3D SSH Hunter: The Ultimate SSH Key and Bad Guy Tracker ☆12 Updated last year
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file ☆89 Updated 11 months ago
- ☆120 Updated 8 months ago
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data) ☆68 Updated 2 years ago
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals. ☆162 Updated 9 months ago
- The Art of Pivoting - Techniques for Intelligence Analysts to Discover New Relationships in a Complex World ☆150 Updated last month
- A collection of CVEs weaponized by ransomware operators ☆129 Updated 3 months ago
- Incident Response documents and tooling ☆111 Updated last month
- Config files for my GitHub profile. ☆14 Updated 2 years ago
- IOCs collected during day-to-day activities ☆103 Updated this week
- ☆34 Updated 2 months ago
- Pythia is a versatile query format designed to facilitate the discovery of malicious infrastructure by seamlessly converting into the syn… ☆34 Updated last year
- IOC Stream and Command and Control Database Containing Command and Control (C2) Servers Detected Daily by ThreatMon. ☆69 Updated 2 years ago
- Regular Expressions List used in Digital Forensic Tasks ☆92 Updated 11 months ago
- A repository to store community malware research notes and findings. ☆15 Updated last month
- Sigma detection rules for hunting with the threathunting-keywords project ☆58 Updated 10 months ago
- Parses USB connection artifacts from offline Registry hives ☆106 Updated 7 months ago
- Case_Notes.py is a cross-platform (Windows, macOS, & Linux) python script to help make the documentation process easier. ☆26 Updated 2 years ago
- ☆28 Updated 3 months ago
- ☆24 Updated 3 weeks ago
- macOS Artifacts ☆33 Updated 10 months ago
- An analytical challenge created to test junior analysts looking to try performing proactive and reactive cyber threat intelligence. ☆201 Updated last year
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements ☆127 Updated 2 years ago