sans-blue-team / sans-blue-team.github.io
SANS Blue Team Pages
☆11Updated 7 years ago
Related projects:
- ☆131Updated 5 months ago
- Distribution of the SANS SEC504 Windows Cheat Sheet Lab☆64Updated 4 years ago
- This was code for analyzing round 1 of the MITRE Enterprise ATT&CK Evaluation. Please check out https://github.com/joshzelonis/Enterprise…☆95Updated 4 years ago
- ☆41Updated 3 years ago
- ☆51Updated 3 years ago
- public assets for ironcat emulation software ;)☆14Updated last year
- Tools to automate and/or expedite response.☆113Updated 2 months ago
- Mark Baggett's (@MarkBaggett - GSE #15, SANS SEC573 Author) tool for detecting randomness using NLP techniques rather than pure entropy c…☆123Updated last year
- A Splunk app with saved reports derived from Sigma rules☆72Updated 6 years ago
- Library of python scripts to apply Data Science in several forensics artifacts☆31Updated 4 years ago
- ☆76Updated 5 years ago
- Use Terraform to Provision Your Own Cloud-Based Remote Browsing Workstation☆24Updated 4 months ago
- Carbon Black Feeds☆70Updated last year
- Security Monitoring Resolution Categories☆138Updated 2 years ago
- Term concordances for each course in the SANS DFIR curriculum. Used for automated index generation.☆64Updated 4 years ago
- Collection of useful, up to date, Carbon Black Response Queries☆82Updated 3 years ago
- A port of BHIS's Backdoors & Breaches for playingcards.io☆59Updated last year
- SPL cheatsheet for Splunk.☆20Updated last year
- MITRE ATT&CK Framework compliance dashboard and correlation searches that work with Splunk Enterprise Security and ES Content Update☆28Updated 4 months ago
- DDTTX Tabletop Trainings☆28Updated 2 years ago
- LogRhythm PowerShell Toolkit☆48Updated 11 months ago
- Windows Defender ATP - Advanced Hunting Queries☆21Updated 6 years ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆51Updated 2 years ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆106Updated 4 years ago
- 2021 SANS DFIR Summit: Greppin' Logs☆21Updated 3 years ago
- ☆101Updated this week
- This repo represents work the Phantom Community collaborates on to build apps and learn.☆12Updated 3 years ago
- This repository is created to add value to existing Network Security Monitoring solutions.☆41Updated 8 years ago
- Web application to create indexes for GIAC certification examinations.☆132Updated last year
- ☆55Updated 2 years ago