rapid7 / insightvm-sql-queries
InsightVM helpful SQL queries
☆64Updated 2 months ago
Alternatives and similar repositories for insightvm-sql-queries:
Users that are interested in insightvm-sql-queries are comparing it to the libraries listed below
- Conference presentations☆47Updated last year
- Dashboard for conducting Backdoors and Breaches sessions over Zoom.☆114Updated 6 months ago
- Backdoors & Breaches: Campaigns. These are short guides to help Incident Captains by giving them game ideas based on actual breaches.☆34Updated last year
- Tools for simulating threats☆183Updated last year
- ☆58Updated 3 years ago
- ☆41Updated 11 months ago
- Security Scripts and Sources for daily usage.☆58Updated 2 weeks ago
- A collection of various SIEM rules relating to malware family groups.☆66Updated 10 months ago
- Repository of SentinelOne Deep Visibility queries.☆126Updated 3 years ago
- ☆83Updated last month
- Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.☆133Updated 2 years ago
- ☆42Updated 2 years ago
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation☆77Updated 11 months ago
- A list of Splunk queries that I've collected and used over time.☆80Updated 4 years ago
- MISP to Sentinel integration☆64Updated 2 weeks ago
- MITRE ATT&CK mapped queries for SentinelOne Deep Visiblity☆89Updated 4 years ago
- Real-time Response scripts and schema☆110Updated last year
- Distribution of the SANS SEC504 Windows Cheat Sheet Lab☆69Updated 4 years ago
- Threat Hunting Toolkit is a Swiss Army knife for threat hunting, log processing, and security-focused data science☆137Updated 3 weeks ago
- Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs☆53Updated last year
- Scripts for rapid Windows endpoint "tactical triage" and investigations with Velociraptor and KAPE☆123Updated 3 weeks ago
- Notes on responding to security breaches relating to Azure AD☆110Updated 3 years ago
- A port of BHIS's Backdoors & Breaches for playingcards.io☆62Updated 2 years ago
- Identify Azure blobs using a wordlist of account name and container name strings☆40Updated last month
- SentinelOne STAR Rules☆59Updated 2 months ago
- Repository of attack and defensive information for Business Email Compromise investigations☆250Updated 2 months ago
- Manage Windows auditing policies.☆35Updated 2 weeks ago
- Some Threat Hunting queries useful for blue teamers☆125Updated 2 years ago
- CrowdStrike Falcon Queries For Advanced Threat Detection☆17Updated last month
- ☆62Updated last year