nsacyber / Chinese-State-Sponsored-Cyber-Operations-Observed-TTPs
Supporting files for the Chinese State-Sponsored Cyber Operations: Observed TTPs Cybersecurity Advisory. #nsacyber
☆39 Updated 3 years ago
Related projects
Alternatives and complementary repositories for Chinese-State-Sponsored-Cyber-Operations-Observed-TTPs
- Guidance for blocking outdated web technologies. #nsacyber ☆55 Updated 2 years ago
- Supporting files for cyber challenge exercises. #nsacyber ☆44 Updated 6 years ago
- Logs key Windows process performance metrics. #nsacyber ☆64 Updated last year
- pcaps for Wireshark tutorial about examining Dridex infection traffic ☆16 Updated 4 years ago
- Caldera plugin to deploy "humans" to emulate user behavior on systems ☆25 Updated 6 months ago
- A CALDERA plugin ☆25 Updated 3 months ago
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition ☆62 Updated 2 years ago
- Practical Information Sharing between Law Enforcement and CSIRT communities using MISP ☆31 Updated last year
- ☆11 Updated 3 years ago
- These are some of the commands which I use frequently during Malware Analysis and DFIR. ☆25 Updated 10 months ago
- ☆27 Updated 2 weeks ago
- A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. P… ☆25 Updated last year
- Further investigation into APT campaigns disclosed by private security firms and security agencies ☆80 Updated 2 years ago
- This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts. ☆110 Updated 10 months ago
- Columbo is a computer forensic analysis tool used to simplify and identify specific patterns in compromised datasets. ☆61 Updated 2 years ago
- SANS Slingshot Linux Distribution ☆45 Updated 4 years ago
- Web interface for monitoring and interacting with Netflow data stored in Silk repositories. ☆13 Updated 5 years ago
- This repository contains the code and PCAPS used for the SANS webinar, "Hacking Proprietary Protocols" given on February 23, 2021. ☆32 Updated 2 years ago
- Python client for Assemblyline 3 and 4 / Client python pour AssemblyLine 3 and 4 ☆23 Updated last month
- ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte… ☆72 Updated this week
- ☆37 Updated 2 years ago
- ☆79 Updated last year
- The Atomic Playbook contains TTPs from the MITRE ATT&CK framework mapped to the tests in the Atomic Red Team. It serves as a single resou… ☆29 Updated 9 months ago
- Digital Forensics Artifacts Knowledge Base ☆75 Updated 5 months ago
- ☆49 Updated last year
- ☆25 Updated 3 years ago
- A visualized overview of the Initial Access Broker (IAB) cybercrime landscape ☆107 Updated 3 years ago
- Log4Shell IOCs from CERT Orange Cyberdefense Threat Intelligence Datalake ☆18 Updated last year