mandiant / sunburst_countermeasures
☆561 · Updated last year
Alternatives and similar repositories for sunburst_countermeasures:
Users interested in sunburst_countermeasures are comparing it to the repositories listed below.
- Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK ☆1,067 · Updated 4 months ago
- A collection of red team and adversary emulation resources developed and released by MITRE. ☆502 · Updated 4 years ago
- SunBurst DGA Decode Script ☆207 · Updated 4 years ago
- Scripts and a (future) library to improve users' interactions with the ATT&CK content ☆585 · Updated last year
- Open Source Security Events Metadata (OSSEM) ☆1,263 · Updated 2 years ago
- Tools for hunting for threats. ☆581 · Updated 6 months ago
- Re-play Security Events ☆1,637 · Updated last year
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts ☆1,151 · Updated last year
- TrustedSec Sysinternals Sysmon Community Guide ☆1,208 · Updated 11 months ago
- Actionable analytics designed to combat threats ☆983 · Updated 2 years ago
- A Python package to interact with the Mitre ATT&CK Framework ☆476 · Updated last year
- DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk. ☆553 · Updated 3 years ago
- Indicators from Unit 42 Public Reports ☆710 · Updated 3 weeks ago
- A knowledge base of actionable Incident Response techniques ☆636 · Updated 2 years ago
- This content is analysis and research of the data sources currently listed in ATT&CK. ☆409 · Updated last year
- EventList ☆375 · Updated 4 years ago
- Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs ☆722 · Updated 5 years ago
- An Active Defense and EDR software to empower Blue Teams ☆1,272 · Updated last year
- Documentation of TheHive ☆396 · Updated last year
- Python Script to access ATT&CK content available in STIX via a public TAXII server ☆565 · Updated 4 months ago
- Cyber Analytics Repository ☆934 · Updated last year
- Understand adversary tradecraft and improve detection strategies ☆707 · Updated 2 years ago
- Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups ☆706 · Updated 2 years ago
- A Powershell incident response framework ☆1,598 · Updated 2 years ago
- Building environments to replicate small networks and deploy applications ☆321 · Updated 3 months ago
- Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysi… ☆1,262 · Updated last year
- Repository of YARA rules made by Trellix ATR Team ☆593 · Updated last month
- ReversingLabs YARA Rules ☆814 · Updated 2 weeks ago
- VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities a… ☆1,459 · Updated last month