Alternatives and similar repositories for Chinese-State-Sponsored-Cyber-Operations-Observed-TTPs

Users that are interested in Chinese-State-Sponsored-Cyber-Operations-Observed-TTPs are comparing it to the libraries listed below

• sans-blue-team / sec555-mdwiki-v1
  ☆11Updated 4 years ago
• cisagov / kali-packer
  This project can be used to create AMIs based on Kali Linux, a penetration testing distribution.
  ☆21Updated 2 weeks ago
• Symantec / threathunters
  ☆28Updated 4 months ago
• cisagov / vulnerable-instances
  Virtual machines that are set up with a variety of known vulnerabilities.
  ☆14Updated 3 years ago
• AndrewRathbun / Anti-Forensics-VHDX
  A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. P…
  ☆27Updated 2 years ago
• activecm / smudge
  Passive OS detection based on SYN packets without Transmitting any Data
  ☆46Updated 2 years ago
• mitre / training
  A CALDERA plugin
  ☆26Updated 10 months ago
• TobySalusky / cont3xt
  Cont3xt intends to centralize and simplify a structured approach to gathering contextual intelligence in support of technical investigati…
  ☆37Updated last year
• mlgualtieri / PurpleTeamSummit
  ☆27Updated 4 years ago
• curated-intel / Initial-Access-Broker-Landscape
  A visualized overview of the Initial Access Broker (IAB) cybercrime landscape
  ☆114Updated 3 years ago
• OTRF / sigma
  Generic Signature Format for SIEM Systems
  ☆14Updated 3 years ago
• tenable / atomic-red-team
  Small and highly portable detection tests based on MITRE's ATT&CK.
  ☆10Updated 3 months ago
• curated-intel / attack-lookup
  A MITRE ATT&CK Lookup Tool
  ☆45Updated last year
• Securityinbits / cheatsheet
  These are some of the commands which I use frequently during Malware Analysis and DFIR.
  ☆24Updated last year
• sansinstitute / slingshot
  SANS Slingshot Linux Distribution
  ☆51Updated 4 years ago
• MarkBaggett / GeoLocationNotebook
  ☆39Updated 4 years ago
• MarkBaggett / werejugo
  Identifies physical locations where a laptop has been based upon wireless profiles and wireless data recorded in event logs
  ☆93Updated 4 years ago
• nsacyber / Detect-CVE-2017-15361-TPM
  Detects Windows and Linux systems with enabled Trusted Platform Modules (TPM) vulnerable to CVE-2017-15361. #nsacyber
  ☆55Updated 6 years ago
• dhoelzer / Silky
  Web interface for monitoring and interacting with Netflow data stored in Silk repositories.
  ☆13Updated 6 years ago
• mitre / human
  Caldera plugin to deploy "humans" to emulate user behavior on systems
  ☆28Updated last year
• mitre / emu
  This CALDERA Plugin converts Adversary Emulation Plans from the Center for Threat Informed Defense
  ☆30Updated 2 months ago
• nsacyber / PRUNE
  Logs key Windows process performance metrics. #nsacyber
  ☆66Updated 2 years ago
• cyberg3cko / elrond
  Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.
  ☆31Updated 4 months ago
• MISP / misp-training-lea
  Practical Information Sharing between Law Enforcement and CSIRT communities using MISP
  ☆32Updated last year
• adhdproject / buildkit-ng
  New version of the buildkit repository
  ☆9Updated 2 years ago
• corelight / Dashboards-Splunk-DNS-Hunting-Beaconing
  DNS Dashboard for hunting and identifying beaconing
  ☆16Updated 4 years ago
• rabobank-cdc / dettect-editor
  DeTT&CT Editor
  ☆12Updated 3 weeks ago
• mitre / access
  A CALDERA plugin
  ☆22Updated 2 weeks ago
• Dutchosintguy / Blackfriday-Deals-2020
  Black Friday deals (Cyber/OSINT/Infosec)
  ☆28Updated 4 years ago
• NationalSecurityAgency / pelz
  ☆32Updated last year