invictus-ir / IOCsLinks
Invictus Threat Intelligence: IOCs and TTPs from blogs, research and more
☆27Updated 2 weeks ago
Alternatives and similar repositories for IOCs
Users that are interested in IOCs are comparing it to the libraries listed below
Sorting:
- A comprehensive GenAI protection system designed to protect against malicious prompts, injection attacks, and harmful content. System inc…☆87Updated last week
- RansomWhen is a tool to enumerate identities that can lock S3 Buckets using KMS, resulting in ransomwares, as well as detect occurances o…☆58Updated 8 months ago
- When good OAuth apps go rogue. Documents observed OAuth application tradecraft☆79Updated last month
- Azure Activity Log Axe is a continually developing tool that simplifies the transactional log format provided by Microsoft. The tool leve…☆31Updated last year
- ☆45Updated 2 months ago
- Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.☆151Updated last week
- ☆18Updated 3 weeks ago
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆102Updated last year
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.☆81Updated last year
- This repository contains the research and components of our research into using Sigma for AWS Incident Response.☆30Updated 2 years ago
- The Event Maturity Matrix (EMM) is a comprehensive framework that provides clarity regarding the capabilities and nuances of SaaS audit l…☆28Updated 4 months ago
- ☆164Updated 3 weeks ago
- Anvilogic Forge☆108Updated last month
- Memory Forensic System on Cloud☆91Updated last year
- ☆41Updated 10 months ago
- Repository that contains a set of purposefully erroneous Yara rules.☆59Updated 3 months ago
- ☆11Updated this week
- ☆41Updated last week
- A PoC to Simulate Ransomware Attack on AWS Environment☆32Updated last year
- IMDSPOOF is a cyber deception tool that spoofs the AWS IMDS service to return HoneyTokens that can be alerted on.☆106Updated last year
- Examine Chrome extensions for security issues☆85Updated 2 months ago
- Repo for experimenting and testing MCP server builds for CTI-related research.☆27Updated 5 months ago
- A public repository of MITRE ATT&ACK TTP mappings by BushidoUK for OSINT reports that lack a section breaking down the TTPs.☆28Updated 7 months ago
- Mapping of open-source detection rules and atomic tests.☆177Updated 9 months ago
- ☆50Updated last month
- Rules shared by the community from 100 Days of YARA 2025☆36Updated 8 months ago
- A preconfigured Windows-based system designed for rapid forensic investigations in both Azure and AWS.☆39Updated last year
- ☆73Updated 2 months ago
- Elastic version of SOC prime watcher rules☆30Updated last year
- Slides of my public talks☆56Updated last year