socfortress / Playbooks
Playbooks for SOC Analysts
☆144, updated last year
Related projects
Alternatives and complementary repositories for Playbooks
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor… (☆203, updated last year)
- Tools for simulating threats (☆177, updated last year)
- MISP Playbooks (☆174, updated last month)
- Set of SIGMA rules (>320) mapped to MITRE ATT&CK tactics and techniques (☆308, updated 5 months ago)
- An analytical challenge created to test junior analysts looking to try performing proactive and reactive cyber threat intelligence. (☆186, updated 4 months ago)
- Cyber Incident Response Team Playbook Battle Cards (☆360, updated 6 months ago)
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy. (☆130, updated this week)
- A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging Kusto queries, PowerShell scripts, tools such as … (☆356, updated 2 months ago)
- Resources to learn and understand SIGMA rules (☆168, updated last year)
- Rules generated from our investigations. (☆189, updated 3 weeks ago)
- SentinelOne STAR Rules (☆50, updated last year)
- This is the one-stop place where you can find almost all of the tools you need for DFIR (☆71, updated 2 years ago)
- A production-ready Dockerized MISP (☆168, updated this week)
- A repository of my own Sigma detection rules. (☆156, updated 2 months ago)
- These are open source rules that can be utilized with QRadar to detect various types of threats in the environment. (☆51, updated 5 years ago)
- Repository of SentinelOne Deep Visibility queries. (☆119, updated 3 years ago)
- A collection of Splunk Search Processing Language (SPL) queries for threat hunting with CrowdStrike Falcon (☆193, updated 4 years ago)
- Scripts for rapid Windows endpoint "tactical triage" and investigations with Velociraptor and KAPE (☆105, updated 2 weeks ago)
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters … (☆139, updated this week)
- A curated repository of incident response playbooks (☆62, updated last year)
- An automated Breach and Attack Simulation lab with Terraform. Built for IaC stability, consistency, and speed. (☆168, updated 4 months ago)
- MISP to Sentinel integration (☆59, updated this week)
- Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques (☆123, updated 8 months ago)
- Repository resource for threat hunters (☆158, updated 6 years ago)
- Purple team simulation and detection scripts: trigger events for SOC detections (☆158, updated last week)
- An open source Sigma conversion tool built using pySigma (☆96, updated this week)
- A PowerShell module for acquisition of data from Microsoft 365 and Azure for incident response and cyber security purposes. (☆481, updated last week)
- Some important DFIR resources (☆82, updated last year)
- Blue team detection lab created with Terraform and Ansible in Azure. (☆143, updated last year)
- Awesome list of keywords and artifacts for threat hunting sessions (☆471, updated last week)