jhainly / det3ct-the-att-ck
SIEM Detection Use Case Library mapped to MITRE ATT&CK tactics and techniques
☆12Updated 5 years ago
Related projects: ⓘ
- Sharing Threat Hunting runbooks☆24Updated 5 years ago
- Incident Response Playbooks☆14Updated 5 years ago
- Repo of python/bash scripts for identifying IoC's in threat feed and other online tools☆26Updated 4 years ago
- Reference sheet for Threat Hunting Professional Course☆24Updated 5 years ago
- FIles and guides related to using Elasticstack as a SIEM☆12Updated 4 years ago
- Expert Investigation Guides☆50Updated 3 years ago
- Threat Hunter's Knowledge Base☆21Updated 2 years ago
- Three datasets to practice Threat Hunting against.☆36Updated 8 months ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆51Updated 2 years ago
- Repository for SPEED SIEM Use Case Framework☆52Updated 4 years ago
- Repository with Sample threat hunting notebooks on Security Event Log Data Sources☆57Updated last year
- Tool used to perform threat intelligence against packet data☆34Updated 5 months ago
- These are some of the commands which I use frequently during Malware Analysis and DFIR.☆25Updated 8 months ago
- A tool to assess data quality, built on top of the awesome OSSEM.☆76Updated 2 years ago
- Library of threat hunts to get any user started!☆40Updated 4 years ago
- A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis☆22Updated 2 months ago
- The project was moved here https://github.com/atomic-threat-coverage/atomic-threat-coverage☆23Updated 5 years ago
- ☆28Updated 5 years ago
- Searches for Insider Threat Hunting☆30Updated 5 years ago
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents☆37Updated 4 months ago
- A CALDERA plugin for autonomous incident response☆23Updated 7 months ago
- Open source training materials for law-enforcement and organisations interested in DFIR.☆55Updated 2 years ago
- Cyber Threats Detection Rules☆13Updated last week
- Generate a histogram of TCP and UDP payload bytes from a pcap file☆23Updated 2 years ago
- Slides and Other Resources from my latest Talks and Presentations☆24Updated 3 years ago
- ☆14Updated 4 years ago
- Best practices in threat intelligence☆46Updated last year
- MITRE Shield website☆18Updated 2 years ago
- ☆10Updated 3 years ago
- ☆21Updated 3 years ago