microsoft / msticpy-lab
A lab environment for learning about MSTICPy
☆36Updated last year
Related projects ⓘ
Alternatives and complementary repositories for msticpy-lab
- MSTIC Notebook Components☆30Updated 2 weeks ago
- The Infosec Community Definitive Guide to Jupyter Notebooks☆115Updated 4 years ago
- ☆70Updated 2 weeks ago
- A community event for security researchers to share their favorite notebooks☆106Updated 8 months ago
- Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.☆124Updated 2 years ago
- ☆43Updated 3 weeks ago
- Ingesting Shodan Monitor Alerts to Microsoft Sentinel☆33Updated last year
- The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects…☆38Updated 4 years ago
- Microsoft Threat Protection Advance Hunting Cheat Sheet☆78Updated 4 years ago
- ☆58Updated 2 years ago
- Remote access and Antivirus Logging Database☆41Updated 6 months ago
- Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.☆109Updated 11 months ago
- Hunting Queries for Microsoft Defender Security Center https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defe…☆36Updated 3 years ago
- ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte…☆72Updated this week
- User Feedback Space of #MitreAssistant☆37Updated last year
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆52Updated 2 years ago
- My Jupyter Notebooks☆36Updated 7 months ago
- Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs☆51Updated last year
- This code snippet retrieves Azure Sentinel rules that are mapped to MITRE ATT&CK Framework and generates the related MITRE D3FEND defense…☆66Updated 3 years ago
- Cyber Defence related kusto queries for use in Azure Sentinel and Defender advanced hunting☆57Updated last week
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique☆65Updated 7 months ago
- A collection of tips for using MISP.☆74Updated 7 months ago
- A dataset containing Office 365 Unified Audit Logs for security research and detection☆48Updated 2 years ago
- Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as we…☆51Updated last year
- Synthetic Adversarial Log Objects: A Framework for synthentic log generation☆77Updated 9 months ago
- This repo is where I store my Threat Hunting ideas/content☆85Updated last year
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents☆37Updated 6 months ago
- This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.☆97Updated 8 months ago
- Notes on responding to security breaches relating to Azure AD☆96Updated 2 years ago