nsacyber / nsacyber.github.io
NSA Cybersecurity. Formerly known as NSA Information Assurance and the Information Assurance Directorate
☆260 Updated last month
Related projects:
- Retrieves the definitions of Windows Event Log messages embedded in Windows binaries and provides them in discoverable formats. #nsacyber ☆394 Updated last year
- Tools, techniques, cheat sheets, and other resources to assist those defending organizations and detecting adversaries ☆437 Updated 2 years ago
- Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Stor… ☆765 Updated last year
- CLI tool to manage a SIFT Install ☆417 Updated last year
- Virtual Machine for Adversary Emulation and Threat Hunting ☆1,234 Updated 4 years ago
- Identifies defensive gaps in security posture by leveraging Mitre's ATT&CK framework. #nsacyber ☆163 Updated 4 years ago
- MITRE ATT&CK Website ☆483 Updated this week
- ☆1,048 Updated 5 years ago
- FireEye Publicly Shared Indicators of Compromise (IOCs) ☆462 Updated 5 years ago
- The main project for the Unfetter-Discover application. This is the project that will hold the configuration files, the docker-compose f… ☆403 Updated last year
- SIFT ☆484 Updated 7 months ago
- CASCADE Server ☆262 Updated last year
- A curated list of awesome resources related to Mitre ATT&CK™ Framework ☆580 Updated 5 years ago
- A collection of resources for Threat Hunters ☆845 Updated 2 months ago
- Guidance for mitigating web shells. #nsacyber ☆961 Updated last year
- ☆195 Updated 2 years ago
- A collection of PowerShell modules designed for artifact gathering and reconnaissance of Windows-based endpoints. ☆433 Updated 3 months ago
- Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs ☆712 Updated 4 years ago
- Scripts and code referenced in CrowdStrike blog posts ☆331 Updated 4 years ago
- WALKOFF-enabled applications. #nsacyber ☆141 Updated 5 years ago
- Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension ☆345 Updated 6 years ago
- Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsac… ☆846 Updated 3 years ago
- "Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security … ☆984 Updated 4 years ago
- Documentation of TheHive ☆391 Updated 11 months ago
- Actionable analytics designed to combat threats ☆964 Updated 2 years ago
- A set of Zeek scripts to detect ATT&CK techniques. ☆550 Updated 2 months ago
- Remote forensics meta tool ☆459 Updated 3 months ago
- The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs). ☆536 Updated last year
- Utilities for MITRE™ ATT&CK ☆1,008 Updated 3 months ago
- Python Script to access ATT&CK content available in STIX via a public TAXII server ☆554 Updated 3 months ago