intelshare / What_is_this_forum
Sometimes, threat feeds share critical information with certain details blurred, which is a good practice. However, CTI analysts still need to investigate further, especially when their bosses request it. These threat feeds often refer to sources using terms like "hacker forum" or "underground forum" without specifying names.
☆11 Updated last month
Alternatives and similar repositories for What_is_this_forum
Users that are interested in What_is_this_forum are comparing it to the libraries listed below
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners ☆97 Updated 8 months ago
- Repository for sharing examples of our artifacts data and for use in new analyst recruitment. ☆101 Updated 2 months ago
- Finding ClickFix and FakeCAPTCHA like it's 1999 ☆41 Updated this week
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und… ☆124 Updated last year
- R3D SSH Hunter: The Ultimate SSH Key and Bad Guy Tracker ☆12 Updated 8 months ago
- The Threat Actor Profile Guide for CTI Analysts ☆108 Updated 2 years ago
- This tool parses Windows EVTX logs to extract login and logout sessions from a security.evtx file. It uses a Tkinter GUI to let you selec… ☆31 Updated 4 months ago
- IOCs collected during day-to-day activities ☆68 Updated this week
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals. ☆155 Updated 3 months ago
- A collection of CVEs weaponized by ransomware operators ☆118 Updated last month
- Cyber Underground General Intelligence Requirements ☆94 Updated last year
- Config files for my GitHub profile. ☆14 Updated 2 years ago
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data) ☆69 Updated last year
- Regular Expressions List used in Digital Forensic Tasks ☆87 Updated 4 months ago
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file ☆85 Updated 5 months ago
- CarbonBlack EDR detection rules and response actions ☆71 Updated 10 months ago
- Parses USB connection artifacts from offline Registry hives ☆99 Updated last month
- Have you ever wanted to search a link or IP address on multiple OSINT pages at once? ☆53 Updated last week
- Some important DFIR Resources ☆83 Updated 2 years ago
- Raw data from Threat Intelligence Reports with automatic reports collection and keyword search across thousands of reports ☆122 Updated this week
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation. ☆51 Updated 8 months ago
- Case_Notes.py is a cross-platform (Windows, macOS, & Linux) python script to help make the documentation process easier. ☆26 Updated 2 years ago
- ☆108 Updated last month
- Linux Baseline and Forensic Triage Tool - BETA ☆55 Updated 2 years ago
- IOC Stream and Command and Control Database Containing Command and Control (C2) Servers Detected Daily by ThreatMon. ☆66 Updated last year
- An analytical challenge created to test junior analysts looking to try performing proactive and reactive cyber threat intelligence. ☆199 Updated last year
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac… ☆151 Updated 9 months ago
- Incident Response documents and tooling ☆74 Updated last year
- Purpleteam scripts simulation & Detection - trigger events for SOC detections ☆186 Updated 6 months ago
- Harness the power of Splunk for your investigations ☆116 Updated 3 weeks ago