sfakiana / FIRST-CTI-2019Links
References for FIRST CTI 2019 Symposium presentation
☆22Updated 6 years ago
Alternatives and similar repositories for FIRST-CTI-2019
Users that are interested in FIRST-CTI-2019 are comparing it to the libraries listed below
Sorting:
- InvestigationPlaybookSpec☆72Updated 7 years ago
- A collection of typical false positive indicators☆55Updated 4 years ago
- Expert Investigation Guides☆51Updated 4 years ago
- A collection of Python utilities for use in scripts related to working with "indicators of compromise" (IOCs).☆17Updated 6 years ago
- Slides and Other Resources from my latest Talks and Presentations☆24Updated 4 years ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack☆16Updated 4 years ago
- Integrating Sysinternals Autoruns’ logs into Security Onion☆31Updated last year
- ☆39Updated 5 years ago
- pollen - A command-line tool for interacting with TheHive☆35Updated 6 years ago
- ☆55Updated 3 years ago
- For storing of the volumes☆4Updated 5 years ago
- Sandbox feature upgrade with the help of wrapped samples☆76Updated 6 years ago
- Imports Alienvault OTX pulses to a MISP instance☆53Updated 3 years ago
- This project contains code for comparing or ranking APT capabilities and operational capacity. The metrics are meant to quantify, rank, o…☆35Updated 6 years ago
- Searches for Insider Threat Hunting☆32Updated 6 years ago
- Primary data pipelines for intrusion detection, security analytics and threat hunting☆87Updated 3 years ago
- pocket guide for core threat hunting concepts☆23Updated 5 years ago
- A few scripts I put together for testing purposes and to automate a few capabilities while doing IR. These scripts are also part of my bl…☆55Updated 7 years ago
- Python IOC Editor☆63Updated 10 years ago
- Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.☆19Updated 3 years ago
- An informational repo about hunting for adversaries in your IT environment.☆14Updated 8 years ago
- This is a repository from Adam Swan and I's presentation on Windows Logs Zero 2 Hero.☆22Updated 7 years ago
- ☆33Updated 5 years ago
- This package allows for creating alerts in The Hive from emails retrieved from a Microsoft Exchange mailbox.☆12Updated 7 years ago
- A tool to assess data quality, built on top of the awesome OSSEM.☆78Updated 2 years ago
- Cyber Intel Management☆48Updated 7 years ago
- A MITRE Caldera plugin written in Python 3 used to convert Red Canary Atomic Red Team Tests to MITRE Caldera Stockpile YAML ability files…☆71Updated 3 years ago
- Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.☆69Updated last year
- Performs OCR on image files and scans them for matches to YARA rules☆41Updated 6 years ago
- Repository for my ATT&CK analysis research.☆69Updated 6 years ago