Alternatives and similar repositories for Threat-Hunting-in-AWS:

Users that are interested in Threat-Hunting-in-AWS are comparing it to the libraries listed below

• ssnkhan / adversarial-threat-modelling
  Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop
  ☆57Updated 2 weeks ago
• DefensiveOrigins / DO-LAB
  ☆45Updated 3 weeks ago
• nidem / forgedpillow
  A tool to modify timestamps in a packet capture to a user selected date
  ☆31Updated 3 years ago
• rj-chap / ransomware_tips
  Random tips and tricks RE: ransomware
  ☆14Updated 3 years ago
• ValcanK / HomeLab
  ☆19Updated 3 years ago
• OllieJC / tbat
  Threat Box Assessment Tool
  ☆19Updated 3 years ago
• aboutsecurity / jupyter-notebooks
  My Jupyter Notebooks
  ☆36Updated 9 months ago
• bengoerz / PurpleTeamDocs
  ☆28Updated 4 years ago
• jsecurity101 / Automated-Detection-Pipeline
  ☆15Updated 4 years ago
• correlatedsecurity / SPEED-SIEM-Use-Case-Framework
  Repository for SPEED SIEM Use Case Framework
  ☆52Updated 4 years ago
• mattnotmax / DFIR-notes
  Random notes collected on the intertubes relating to DFIR
  ☆32Updated last year
• cudeso / CSIRT-Jump-Bag
  CSIRT Jump Bag
  ☆27Updated 9 months ago
• haidermdost / Threat-Detection-Maturity-Framework
  ☆18Updated 3 years ago
• stvemillertime / RonnieColemanYARAParser
  An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.
  ☆21Updated 2 years ago
• philhagen / for572-scripts
  A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis
  ☆25Updated last month
• SigmaHQ / pySigma-backend-crowdstrike
  SigmaHQ pySigma CrowdStrike processing pipeline
  ☆21Updated 3 months ago
• edelucia / rules
  Cyber Threats Detection Rules
  ☆14Updated 3 weeks ago
• securityjoes / Crowdstrike-Deploy
  The ultimate solution for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.
  ☆22Updated 5 months ago
• thremulation-station / thremulation-station
  Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.
  ☆36Updated last year
• op7ic / Cloud-Investigate
  A preconfigured Windows-based system designed for rapid forensic investigations in both Azure and AWS.
  ☆37Updated 10 months ago
• moullos / Mitigate
  Machine Interrogation To Identify Gaps & Techniques for Execution
  ☆32Updated 2 years ago
• Ebryx / aws-threathunting
  Projects for AWS ThreatHunting
  ☆21Updated 3 years ago
• 0x6d6f7468 / honeybadger
  ☆20Updated 5 years ago
• ps-interactive / labs_modern_malware_c2
  labs_modern_malware_c2 Originally supporting Defcon workshop, will morph into Attack Defend for C2.
  ☆18Updated 2 years ago
• Antonlovesdnb / SANSTHS2021
  Hunting Malicious Macros SANS Threathunting Summit 2021 Materials
  ☆40Updated 3 years ago
• svch0stz / TheThreatHuntLibrary
  Library of threat hunts to get any user started!
  ☆41Updated 4 years ago
• NVISOsecurity / nviso-cti
  ☆41Updated 9 months ago
• maartengoet / notebooks
  Jupyter notebooks
  ☆22Updated 4 years ago
• chihebchebbi / Azure-Sentinel-Hive-Playbook
  Send High & New Incidents to The Hive incident management Platform
  ☆18Updated 3 years ago
• ch33r10 / DEFCON29-BTV-ThreatReportRoulette
  Learn how to get more out of publicly available threat reports to help improve the security posture of your organization! TLP: White Thre…
  ☆15Updated last year