redcanaryco / vscode-attack
Visual Studio Code extension for MITRE ATT&CK
☆51 · Updated 2 months ago
Related projects:
- A community event for security researchers to share their favorite notebooks ☆105 · Updated 7 months ago
- Automatic detection engineering technical state compliance ☆49 · Updated 2 months ago
- PSAttck is a lightweight framework for the MITRE ATT&CK Framework. ☆38 · Updated 2 years ago
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition ☆62 · Updated 2 years ago
- This repository aims to collect and document indicators from the different C2s listed in the C2-Matrix ☆72 · Updated 2 years ago
- Send High & New Incidents to the TheHive incident management platform ☆17 · Updated 3 years ago
- pollen - A command-line tool for interacting with TheHive ☆34 · Updated 5 years ago
- A few quick recipes for those that do not have much time during the day ☆21 · Updated 3 weeks ago
- A MITRE ATT&CK Lookup Tool ☆41 · Updated 4 months ago
- Python library for threat intelligence ☆78 · Updated 2 months ago
- A Python script to acquire multiple AWS EC2 instances in a forensically sound-ish way ☆37 · Updated 2 years ago
- A YARA Rule Performance Measurement Tool ☆58 · Updated 6 months ago
- Factual-rules-generator is an open-source project that generates YARA rules for the software installed on a machine. ☆74 · Updated 2 years ago
- Recon Hunt Queries ☆76 · Updated 3 years ago
- OSSEM Common Data Model ☆54 · Updated 2 years ago
- Attack Tool Timing and Reporting - Structured Attack Logging Format ☆21 · Updated last year
- A collection of tips for using MISP. ☆74 · Updated 5 months ago
- OSSEM Data Dictionaries ☆56 · Updated last month
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts. ☆29 · Updated 2 months ago
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique ☆64 · Updated 6 months ago
- Threat intelligence and threat detection indicators (IOC, IOA) ☆51 · Updated 3 years ago
- YaraScanner is a file pattern-matching tool based on YARA rules. ☆54 · Updated last year
- YARA-based detection engine for web browsers ☆47 · Updated 3 years ago
- This repository is created to store the artifacts for any intrusions I share publicly. ☆23 · Updated last year
- Automated detection rule analysis utility ☆29 · Updated last year
- Jupyter notebooks ☆22 · Updated 4 years ago
- Tools for working with Attack Flow (https://github.com/center-for-threat-informed-defense/attack-flow) ☆43 · Updated 2 years ago
- 🚨ATTENTION🚨 The VERIS mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here … ☆70 · Updated 5 months ago
- A Splunk Technology Add-on to forward filtered ETW events. ☆30 · Updated 3 years ago
- Machine Interrogation To Identify Gaps & Techniques for Execution ☆32 · Updated 2 years ago