lucky-luk3 / Infosec_Notebooks
☆21Updated last year
Related projects: ⓘ
- Library of threat hunts to get any user started!☆40Updated 4 years ago
- Simple PowerShell script to enable process scanning with Yara.☆86Updated last year
- Baseline a Windows System against LOLBAS☆22Updated 4 months ago
- ☆25Updated 3 years ago
- Placeholder for my detection repo and misc detection engineering content☆43Updated 11 months ago
- Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.☆34Updated 9 months ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆66Updated 10 months ago
- Repository with Sample threat hunting notebooks on Security Event Log Data Sources☆57Updated last year
- This repo is where I store my Threat Hunting ideas/content☆85Updated last year
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆72Updated 2 years ago
- ☆84Updated 7 months ago
- A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data☆40Updated 4 years ago
- Detection of obfuscated Powershell commands☆53Updated last year
- ☆42Updated 3 months ago
- Rhaegal is a tool written in Python 3 used to scan Windows Event Logs for suspicious logs. Rhaegal uses custom rule format to detect sus…☆39Updated last year
- Hunting Malicious Macros SANS Threathunting Summit 2021 Materials☆40Updated 2 years ago
- Test case indexes☆35Updated 2 months ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆74Updated 2 years ago
- ☆19Updated last year
- A collection of Sigma rules organized by MITRE ATT&CK technique☆15Updated 3 years ago
- List of PowerShell commands and commandlets that should be in your Powershel watchlist☆37Updated 3 years ago
- ☆20Updated 2 years ago
- See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)☆102Updated last year
- This repository contains OpenIOC rules to aid in hunting for indicators of compromise and TTPs focused on Advanced Persistent Threat grou…☆22Updated 11 months ago
- ShellSweeping the evil.☆49Updated 3 months ago
- ESXi Cyber Security Incident Response Script☆19Updated 2 weeks ago
- ☆34Updated this week
- ☆18Updated 2 years ago
- Cyber Threats Detection Rules☆13Updated last week