intelshare / What_is_this_forum
Sometimes, threat feeds share critical information with certain details blurred, which is a good practice. However, CTI analysts still need to investigate further, especially when their bosses request it. These threat feeds often refer to sources using terms like "hacker forum" or "underground forum" without specifying names.
☆12 Updated last month
Alternatives and similar repositories for What_is_this_forum
Users that are interested in What_is_this_forum are comparing it to the libraries listed below
- The Threat Actor Profile Guide for CTI Analysts ☆115 Updated 2 years ago
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners ☆113 Updated last year
- This tool parses Windows EVTX logs to extract login and logout sessions from a security.evtx file. It uses a Tkinter GUI to let you selec… ☆32 Updated 8 months ago
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals. ☆159 Updated 7 months ago
- IOCs collected during day-to-day activities ☆80 Updated this week
- CarbonBlack EDR detection rules and response actions ☆73 Updated last year
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und… ☆125 Updated last year
- R3D SSH Hunter: The Ultimate SSH Key and Bad Guy Tracker ☆12 Updated last year
- Cyber Underground General Intelligence Requirements ☆96 Updated last year
- Parses USB connection artifacts from offline Registry hives ☆102 Updated 4 months ago
- Repository for sharing examples of our artifacts data and for use in new analyst recruitment. ☆108 Updated 6 months ago
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data) ☆68 Updated 2 years ago
- A collection of CVEs weaponized by ransomware operators ☆125 Updated 3 weeks ago
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file ☆88 Updated 9 months ago
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation. ☆52 Updated last year
- An analytical challenge created to test junior analysts looking to try performing proactive and reactive cyber threat intelligence. ☆199 Updated last year
- ☆34 Updated this week
- A series of python scripts to extract information from Dark Web Applications ☆13 Updated 7 months ago
- ☆116 Updated 5 months ago
- macOS Artifacts ☆33 Updated 8 months ago
- Case_Notes.py is a cross-platform (Windows, macOS, & Linux) python script to help make the documentation process easier. ☆26 Updated 2 years ago
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements ☆125 Updated last year
- Linux Baseline and Forensic Triage Tool - BETA ☆57 Updated 3 years ago
- A repository to store community malware research notes and findings. ☆14 Updated 3 months ago
- Some important DFIR Resources ☆83 Updated 2 years ago
- Incident Response documents and tooling ☆108 Updated 2 months ago
- Menu for Thor scanner lite ☆20 Updated 2 weeks ago
- Regular Expressions List used in Digital Forensic Tasks ☆91 Updated 8 months ago
- Sigma detection rules for hunting with the threathunting-keywords project ☆56 Updated 8 months ago
- Harness the power of Splunk for your investigations ☆139 Updated 3 weeks ago