redcanaryco / vscode-attack

Related projects: ⓘ

• OTRF / infosec-jupyterthon
  A community event for security researchers to share their favorite notebooks
  ☆105Updated 7 months ago
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆49Updated 2 months ago
• swimlane / PSAttck
  PSAttck is a light-weight framework for the MITRE ATT&CK Framework.
  ☆38Updated 2 years ago
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆62Updated 2 years ago
• nasbench / C2-Matrix-Indicators
  This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix
  ☆72Updated 2 years ago
• chihebchebbi / Azure-Sentinel-Hive-Playbook
  Send High & New Incidents to The Hive incident management Platform
  ☆17Updated 3 years ago
• bromiley / pollen
  pollen - A command-line tool for interacting with TheHive
  ☆34Updated 5 years ago
• Cyb3rWard0g / infosec-well-done
  A few quick recipes for those that do not have much time during the day
  ☆21Updated 3 weeks ago
• curated-intel / attack-lookup
  A MITRE ATT&CK Lookup Tool
  ☆41Updated 4 months ago
• RH-ISAC / PyOTI
  Python library for threat intelligence
  ☆78Updated 2 months ago
• telekom-security / acquire-aws-ec2
  A python script to acquire multiple aws ec2 instances in a forensically sound-ish way
  ☆37Updated 2 years ago
• Neo23x0 / panopticon
  A YARA Rule Performance Measurement Tool
  ☆58Updated 6 months ago
• CIRCL / factual-rules-generator
  Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
  ☆74Updated 2 years ago
• ReconInfoSec / rhq
  Recon Hunt Queries
  ☆76Updated 3 years ago
• OTRF / OSSEM-CDM
  OSSEM Common Data Model
  ☆54Updated 2 years ago
• SecurityRiskAdvisors / ATTiRe
  Attack Tool Timing and Reporting - Structured Attack Logging Format
  ☆21Updated last year
• cudeso / misp-tip-of-the-week
  A collection of tips for using MISP.
  ☆74Updated 5 months ago
• OTRF / OSSEM-DD
  OSSEM Data Dictionaries
  ☆56Updated last month
• ezaspy / elrond
  Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.
  ☆29Updated 2 months ago
• splunk / attack-detections-collector
  Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique
  ☆64Updated 6 months ago
• swisscom / detections
  Threat intelligence and threat detection indicators (IOC, IOA)
  ☆51Updated 3 years ago
• iomoath / yara-scanner
  YaraScanner is a file pattern-matching tool based on YARA rules.
  ☆54Updated last year
• imp0rtp3 / Yobi
  Yara Based Detection Engine for web browsers
  ☆47Updated 3 years ago
• tsale / Intrusion_data
  This repository is created to store the artifacts for any intrusions I share publicly.
  ☆23Updated last year
• SecurityRiskAdvisors / dredd
  Automated detection rule analysis utility
  ☆29Updated last year
• maartengoet / notebooks
  Jupyter notebooks
  ☆22Updated 4 years ago
• vz-risk / flow
  Tools related to work with Attack Flow (https://github.com/center-for-threat-informed-defense/attack-flow)
  ☆43Updated 2 years ago
• center-for-threat-informed-defense / attack_to_veris
  🚨ATTENTION🚨 The VERIS mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here …
  ☆70Updated 5 months ago
• airbus-cert / Splunk-ETW
  A Splunk Technology Add-on to forward filtered ETW events.
  ☆30Updated 3 years ago
• moullos / Mitigate
  Machine Interrogation To Identify Gaps & Techniques for Execution
  ☆32Updated 2 years ago