mattreduce / cti-self-studyLinks
Track progress and keep notes while working through likethecoins' CTI Self Study Plan
☆29Updated 3 years ago
Alternatives and similar repositories for cti-self-study
Users that are interested in cti-self-study are comparing it to the libraries listed below
Sorting:
- A preconfigured Windows-based system designed for rapid forensic investigations in both Azure and AWS.☆39Updated last year
- A home for detection content developed by the delivr.to team☆72Updated 3 months ago
- simple webapp for converting sigma rules into siem queries using the pySigma library☆51Updated 2 years ago
- Automatic detection engineering technical state compliance☆55Updated last year
- Jupyter Notebooks for Cyber Threat Intelligence☆35Updated 2 years ago
- A MITRE ATT&CK Lookup Tool☆45Updated last year
- Cheat sheets for threat hunting, detection and other stuff.☆34Updated 3 years ago
- Domain Connectivity Analysis Tools to analyze aggregate connectivity patterns across a set of domains during security investigations☆43Updated 4 years ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.☆32Updated last month
- Library of threat hunts to get any user started!☆45Updated 5 years ago
- An experimental Velociraptor implementation using cloud infrastructure☆26Updated 3 weeks ago
- Offensive Research Guide to Help Defense Improve Detection☆31Updated 2 years ago
- A tool to modify timestamps in a packet capture to a user selected date☆31Updated 4 years ago
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition☆65Updated 3 years ago
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"☆11Updated 9 months ago
- Incident response teams usually working on the offline data, collecting the evidence, then analyze the data☆45Updated 3 years ago
- A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments☆65Updated 3 years ago
- This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam☆27Updated last year
- DNS Dashboard for hunting and identifying beaconing☆16Updated 5 years ago
- ☆14Updated 2 years ago
- Converts Sigma detection rules to a Splunk alert configuration.☆12Updated 4 years ago
- Quick ESXi Log Parser☆28Updated 3 weeks ago
- MasterParser is a simple, all-in-one, digital forensics artifact parser☆23Updated 4 years ago
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.☆21Updated 3 years ago
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique☆68Updated last year
- Penguin OS Forensic (or Flight) Recorder☆42Updated 10 months ago
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.☆36Updated 2 years ago
- Cumulonimbus-UAL_Extractor is a PowerShell based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a…☆21Updated 2 years ago
- A collection of tips for using MISP.☆74Updated 11 months ago
- Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.☆38Updated last year