A lab environment for learning about MSTICPy
☆38Feb 3, 2023Updated 3 years ago
Alternatives and similar repositories for msticpy-lab
Users that are interested in msticpy-lab are comparing it to the libraries listed below
Sorting:
- Microsoft Threat Intelligence Security Tools☆1,954Mar 6, 2026Updated 2 weeks ago
- ☆17Mar 28, 2023Updated 2 years ago
- The Infosec Community Definitive Guide to Jupyter Notebooks☆132Oct 17, 2020Updated 5 years ago
- python framework to parse logs for IR☆15May 2, 2021Updated 4 years ago
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.☆37Jul 11, 2023Updated 2 years ago
- Capture. Detonate. Collect☆14Sep 20, 2024Updated last year
- ☆26May 22, 2021Updated 4 years ago
- small IR scripts for orgs using G Suite☆18Feb 27, 2019Updated 7 years ago
- A repository of Sysmon For Linux configuration modules☆16Oct 14, 2021Updated 4 years ago
- An experimental project using LLM technology to generate security documentation for Open Source Software (OSS) projects☆36Feb 28, 2025Updated last year
- Detection Ideas & Rules repository.☆178Sep 10, 2021Updated 4 years ago
- Miscellaneous notebooks to use with Sentinel Hub☆20Aug 28, 2023Updated 2 years ago
- This project provides Base64 encoding and decoding functionality to PowerShell within Constrained Language Mode☆27Jun 25, 2024Updated last year
- Unfetter Insight performs natural language processing and analysis for text data to determine and convert to CTI Stix data automatically.☆20Sep 4, 2018Updated 7 years ago
- Event metadata collected across all manifest-based ETW providers on Window 10 1903☆32Nov 25, 2019Updated 6 years ago
- Command Line STDOUT Colorer☆30Jul 27, 2021Updated 4 years ago
- Meraki Adventure API Lab☆10Jul 6, 2020Updated 5 years ago
- Additional resources to improve customer experience with Microsoft Defender for Cloud Apps☆25Nov 4, 2025Updated 4 months ago
- Cyber Defence related kusto queries for use in Azure Sentinel and Defender advanced hunting☆68Dec 7, 2025Updated 3 months ago
- Algorithme d'apprentissage statistique permettant de créer un modèle sur les lignes de commandes des évènements "Création de Processus", …☆83Feb 21, 2024Updated 2 years ago
- Very easy to use demo showcasing Meraki APIs☆11Dec 13, 2023Updated 2 years ago
- MacOS incident Response Toolkit. Mostly written while stuck on a NJTransit train.☆20Feb 20, 2020Updated 6 years ago
- Defender XDR Advanced Hunting Queries (MDE, MDAV, Device Discovery)☆12Jan 22, 2026Updated 2 months ago
- When good OAuth apps go rogue. Documents observed OAuth application tradecraft☆84Jan 30, 2026Updated last month
- DEPRECATED -> GO TO https://github.com/microsoft/Microsoft-threat-protection-Hunting-Queries☆20Apr 22, 2020Updated 5 years ago
- WLEAPP is an open source project that aims to parse Windows OS artifacts for the purpose of triage analysis.☆32Nov 16, 2023Updated 2 years ago
- Analyzing AD domains for security risks related to user accounts☆64Nov 11, 2022Updated 3 years ago
- Automated detection rule analysis utility☆28Sep 22, 2022Updated 3 years ago
- Creating an ATT&CK Navigator layer with the detection coverage of the signals available within Tanium Threat Response.☆11Jun 2, 2021Updated 4 years ago
- MISP-STIX-Converter - Python library to handle the conversion between MISP and STIX formats☆56Updated this week
- MSTIC Notebook Components☆35Sep 4, 2025Updated 6 months ago
- This repository contains generated contextual data utilized by pyattck.☆19Mar 3, 2025Updated last year
- macOS Artifact Intelligence Tool☆13Apr 30, 2019Updated 6 years ago
- ☆12Apr 1, 2024Updated last year
- ☆42Sep 16, 2022Updated 3 years ago
- Samples of ML models learning from source code☆20Nov 28, 2022Updated 3 years ago
- Core incident handling plugins for aws_ir cli, incident pony, and more.☆21Jul 7, 2018Updated 7 years ago
- Post-Infection Collection Toolkit☆95Jan 31, 2023Updated 3 years ago
- Penguin OS Forensic (or Flight) Recorder☆40Mar 13, 2026Updated last week