redcanaryco / ansible-atomic-red-team
This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam
☆23Updated 2 months ago
Related projects: ⓘ
- The ultimate solution for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.☆21Updated 3 weeks ago
- Sigma detection rules for hunting with the threathunting-keywords project☆47Updated 2 weeks ago
- ☆19Updated last year
- Test case indexes☆35Updated 2 months ago
- Placeholder for my detection repo and misc detection engineering content☆43Updated 10 months ago
- ☆42Updated 3 months ago
- Providing Azure pipelines to create an infrastructure and run Atomic tests.☆48Updated last year
- A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX.☆15Updated 6 months ago
- Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.☆34Updated 9 months ago
- Baseline a Windows System against LOLBAS☆22Updated 4 months ago
- Azure function to insert MISP data in to Azure Sentinel☆30Updated last year
- Parses USB connection artifacts from offline Registry hives☆50Updated last week
- A tool to support the reporting of Authenticode Certificates by reducing the effort on individuals to report.☆22Updated 3 weeks ago
- CarbonBlack EDR detection rules and response actions☆70Updated last week
- Track progress and keep notes while working through likethecoins' CTI Self Study Plan☆28Updated 2 years ago
- ShellSweeping the evil.☆49Updated 3 months ago
- simple webapp for converting sigma rules into siem queries using the pySigma library☆47Updated last year
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on☆81Updated 4 months ago
- Slides of my public talks☆46Updated 9 months ago
- A collection of Sigma rules organized by MITRE ATT&CK technique☆15Updated 3 years ago
- A preconfigured Windows-based system designed for rapid forensic investigations in both Azure and AWS.☆36Updated 5 months ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆66Updated 9 months ago
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…☆49Updated 3 months ago
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…☆24Updated 9 months ago
- An exercise to practice deobfuscating PowerShell Scripts.☆27Updated last year
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365☆18Updated 6 months ago
- Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specificly designed to autom…☆40Updated 5 months ago
- ☆21Updated this week
- General Content☆19Updated 2 months ago
- This project aims to bridge the gap between Microsoft Attack Surface Reduction (ASR) rules and MITRE ATT&CK by mapping ASR rules to their…☆23Updated 2 weeks ago