nsacyber / Chinese-State-Sponsored-Cyber-Operations-Observed-TTPs

Related projects ⓘ

Alternatives and complementary repositories for Chinese-State-Sponsored-Cyber-Operations-Observed-TTPs

• nsacyber / Blocking-Outdated-Web-Technologies
  Guidance for blocking outdated web technologies. #nsacyber
  ☆55Updated 2 years ago
• nsacyber / Cyber-Challenge
  Supporting files for cyber challenge exercises. #nsacyber
  ☆44Updated 6 years ago
• nsacyber / PRUNE
  Logs key Windows process performance metrics. #nsacyber
  ☆64Updated last year
• pan-unit42 / wireshark-tutorial-Dridex-traffic
  pcaps for Wireshark tutorial about examining Dridex infection traffic
  ☆16Updated 4 years ago
• mitre / human
  Caldera plugin to deploy "humans" to emulate user behavior on systems
  ☆25Updated 6 months ago
• mitre / training
  A CALDERA plugin
  ☆25Updated 3 months ago
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆62Updated 2 years ago
• MISP / misp-training-lea
  Practical Information Sharing between Law Enforcement and CSIRT communities using MISP
  ☆31Updated last year
• sans-blue-team / sec555-mdwiki-v1
  ☆11Updated 3 years ago
• Securityinbits / cheatsheet
  These are some of the commands which I use frequently during Malware Analysis and DFIR.
  ☆25Updated 10 months ago
• Symantec / threathunters
  ☆27Updated 2 weeks ago
• AndrewRathbun / Anti-Forensics-VHDX
  A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. P…
  ☆25Updated last year
• BushidoUK / Exploring-APT-campaigns
  Further investigation in to APT campaigns disclosed by private security firms and security agencies
  ☆80Updated 2 years ago
• telekom-security / malware_analysis
  This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts.
  ☆110Updated 10 months ago
• visma-prodsec / columbo
  Columbo is a computer forensic analysis tool used to simplify and identify specific patterns in compromised datasets.
  ☆61Updated 2 years ago
• sansinstitute / slingshot
  SANS Slingshot Linux Distribution
  ☆45Updated 4 years ago
• dhoelzer / Silky
  Web interface for monitoring and interacting with Netflow data stored in Silk repositories.
  ☆13Updated 5 years ago
• fulmetalpackets / protohacking
  This repository contains the code and PCAPS used for the SANS webinar, "Hacking Proprietary Protocols" given on February 23, 2021.
  ☆32Updated 2 years ago
• CybercentreCanada / assemblyline_client
  Python client for Assemblyline 3 and 4 / Client python pour AssemblyLine 3 and 4
  ☆23Updated last month
• center-for-threat-informed-defense / attack-powered-suit
  ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte…
  ☆72Updated this week
• slaughterjames / excelpeek
  ☆37Updated 2 years ago
• silverfort-open-source / latma
  ☆79Updated last year
• cyberbuff / TheAtomicPlaybook
  The Atomic Playbook contains TTPs from the MITRE ATT&CK framework mapped to the tests in the Atomic Red Team. It serves as a single resou…
  ☆29Updated 9 months ago
• ForensicArtifacts / artifacts-kb
  Digital Forensics Artifacts Knowledge Base
  ☆75Updated 5 months ago
• fireeye / fireeye-python
  ☆49Updated last year
• mlgualtieri / PurpleTeamSummit
  ☆25Updated 3 years ago
• curated-intel / Initial-Access-Broker-Landscape
  A visualized overview of the Initial Access Broker (IAB) cybercrime landscape
  ☆107Updated 3 years ago
• Orange-Cyberdefense / log4shell_iocs
  Log4Shell IOCs from CERT Orange Cyberdefense Threat Intelligence Datalake
  ☆18Updated last year