mandiant / sunburst_countermeasures
☆560Updated last year
Alternatives and similar repositories for sunburst_countermeasures:
Users that are interested in sunburst_countermeasures are comparing it to the libraries listed below
- Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK☆1,065Updated 4 months ago
- SunBurst DGA Decode Script☆207Updated 4 years ago
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts☆1,145Updated last year
- Tools for hunting for threats.☆579Updated 5 months ago
- A collection of red team and adversary emulation resources developed and released by MITRE.☆499Updated 3 years ago
- Open Source Security Events Metadata (OSSEM)☆1,260Updated 2 years ago
- Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups☆706Updated 2 years ago
- Re-play Security Events☆1,629Updated last year
- Indicators from Unit 42 Public Reports☆710Updated last week
- Actionable analytics designed to combat threats☆981Updated 2 years ago
- Scripts and a (future) library to improve users' interactions with the ATT&CK content☆584Updated last year
- Python Script to access ATT&CK content available in STIX via a public TAXII server☆562Updated 3 months ago
- Repository of YARA rules made by Trellix ATR Team☆585Updated 2 weeks ago
- Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysi…☆1,257Updated last year
- An Active Defense and EDR software to empower Blue Teams☆1,269Updated last year
- Sparrow.ps1 was created by CISA's Cloud Forensics team to help detect possible compromised accounts and applications in the Azure/m365 en…☆1,417Updated 2 years ago
- This content is analysis and research of the data sources currently listed in ATT&CK.☆407Updated last year
- Cyber Analytics Repository☆930Updated last year
- Online hash checker for Virustotal and other services☆822Updated last week
- A set of Zeek scripts to detect ATT&CK techniques.☆583Updated 9 months ago
- ReversingLabs YARA Rules☆806Updated last week
- TrustedSec Sysinternals Sysmon Community Guide☆1,198Updated 10 months ago
- DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.☆552Updated 3 years ago
- Understand adversary tradecraft and improve detection strategies☆707Updated 2 years ago
- Documentation of TheHive☆396Updated last year
- IOC from articles, tweets for archives☆313Updated last year
- A knowledge base of actionable Incident Response techniques☆632Updated 2 years ago
- PCAP Samples for Different Post Exploitation Techniques☆356Updated 3 years ago
- EventList☆374Updated 4 years ago
- SolarWinds Orion Account Audit / Password Dumping Utility☆352Updated last year