n0jam / gcp-ctf-workshop
☆37 Updated 6 months ago
Alternatives and similar repositories for gcp-ctf-workshop
Users that are interested in gcp-ctf-workshop are comparing it to the libraries listed below
- Repository that contains a set of purposefully erroneous Yara rules. ☆51 Updated last year
- Collection of Docker honeypot logs from 2021 - 2024 ☆36 Updated 8 months ago
- RansomWhen is a tool to enumerate identities that can lock S3 Buckets using KMS, resulting in ransomwares, as well as detect occurrences o… ☆49 Updated 3 months ago
- This repository contains the research and components of our research into using Sigma for AWS Incident Response. ☆29 Updated last year
- A PoC to Simulate Ransomware Attack on AWS Environment ☆31 Updated 7 months ago
- ☆17 Updated 6 months ago
- Anvilogic Forge ☆103 Updated this week
- The Event Maturity Matrix (EMM) is a comprehensive framework that provides clarity regarding the capabilities and nuances of SaaS audit l… ☆21 Updated 9 months ago
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o… ☆97 Updated last year
- A guide to simplify the process of evaluating Datadog's Cloud SIEM security capabilities to detect AWS threats. ☆19 Updated last year
- An LLM and OCR based Indicator of Compromise Extraction Tool ☆33 Updated 6 months ago
- ☆40 Updated last week
- ☆41 Updated 3 months ago
- ☆92 Updated 2 weeks ago
- An index of publicly available and open-source threat detection rulesets. ☆112 Updated last month
- Rules shared by the community from 100 Days of YARA 2025 ☆33 Updated 4 months ago
- A simple tool designed to create Atomic Red Team tests with ease. ☆43 Updated 2 months ago
- Framework for Monitoring File Ingestion Source for Yara Matches ☆46 Updated 2 months ago
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering. ☆74 Updated last year
- ☆33 Updated 6 months ago
- Repo for experimenting and testing MCP server builds for CTI-related research. ☆26 Updated 3 weeks ago
- IMDSPOOF is a cyber deception tool that spoofs the AWS IMDS service to return HoneyTokens that can be alerted on. ☆102 Updated last year
- Invictus Threat Intelligence: IOCs and TTPs from blogs, research and more ☆11 Updated this week
- Mapping of open-source detection rules and atomic tests. ☆165 Updated 4 months ago
- Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs. ☆120 Updated last week
- The ultimate repository for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform. ☆24 Updated last week
- pocket guide for core detection engineering concepts ☆28 Updated 2 years ago
- A comprehensive knowledge base for security professionals to keep track of and build defenses against API attack techniques. ☆43 Updated 8 months ago
- Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK… ☆165 Updated 7 months ago
- gubble is a tool designed to audit Google Workspace group settings. It analyzes settings such as who can join, view membership, post mess… ☆55 Updated last week