Alternatives and similar repositories for Threat-Hunting-in-AWS:

Users that are interested in Threat-Hunting-in-AWS are comparing it to the libraries listed below

• ssnkhan / adversarial-threat-modelling
  Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop
  ☆67Updated this week
• bengoerz / PurpleTeamDocs
  ☆28Updated 4 years ago
• DefensiveOrigins / DO-LAB
  ☆46Updated last week
• joswr1ght / s3logparse
  Simple parser to get useful information from AWS S3 logs
  ☆24Updated 3 years ago
• ch33r10 / DEFCON29-BTV-ThreatReportRoulette
  Learn how to get more out of publicly available threat reports to help improve the security posture of your organization! TLP: White Thre…
  ☆15Updated last year
• rj-chap / ransomware_tips
  Random tips and tricks RE: ransomware
  ☆14Updated 3 years ago
• ValcanK / HomeLab
  ☆20Updated 4 years ago
• op7ic / Cloud-Investigate
  A preconfigured Windows-based system designed for rapid forensic investigations in both Azure and AWS.
  ☆38Updated 11 months ago
• thremulation-station / thremulation-station
  Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.
  ☆37Updated last year
• jeffmcjunkin / endgame
  An AWS Pentesting tool that lets you use one-liner commands to backdoor an AWS account's resources with a rogue AWS account - or share th…
  ☆10Updated 4 years ago
• SigmaHQ / pySigma-backend-crowdstrike
  SigmaHQ pySigma CrowdStrike processing pipeline
  ☆23Updated 4 months ago
• jsecurity101 / Automated-Detection-Pipeline
  ☆15Updated 4 years ago
• maartengoet / notebooks
  Jupyter notebooks
  ☆23Updated 4 years ago
• mlgualtieri / PurpleTeamSummit
  ☆26Updated 3 years ago
• NVISOsecurity / nviso-cti
  ☆41Updated 11 months ago
• OllieJC / tbat
  Threat Box Assessment Tool
  ☆19Updated 3 years ago
• SygniaLabs / security-cloud-scout
  ☆133Updated last year
• jakob-source / falcon-crowdstrike
  A collection of searches, interesting events and tables on Crowdstrike Splunk.
  ☆29Updated 4 years ago
• nettitude / PoshC2_IOCs
  A list of IOCs applicable to PoshC2
  ☆24Updated 4 years ago
• aboutsecurity / jupyter-notebooks
  My Jupyter Notebooks
  ☆36Updated 11 months ago
• blueteam0ps / det-eng-samples
  This repository contains sample log data that were collected after running adversary simulations in Microsoft 365
  ☆20Updated 4 months ago
• bluemountaincyber / evidence-app
  Serverless AWS application to upload and hash evidence files.
  ☆21Updated 2 years ago
• securityjoes / Crowdstrike-Deploy
  The ultimate solution for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.
  ☆22Updated 6 months ago
• cudeso / CSIRT-Jump-Bag
  CSIRT Jump Bag
  ☆27Updated 10 months ago
• nidem / forgedpillow
  A tool to modify timestamps in a packet capture to a user selected date
  ☆31Updated 3 years ago
• magicsword-io / LOLBASline
  Baseline a Windows System against LOLBAS
  ☆25Updated 10 months ago
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆54Updated 7 months ago
• olafhartong / Presentations
  My conference presentations
  ☆66Updated last year
• philhagen / for572-scripts
  A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis
  ☆26Updated 2 months ago
• OTRF / SimuLand
  Cloud Templates and scripts to deploy mordor environments
  ☆129Updated 4 years ago