spitzbuaamy / AbuseCH-to-MISP

Related projects: ⓘ

• NVISOsecurity / nviso-cti
  ☆40Updated 5 months ago
• OllieJC / tbat
  Threat Box Assessment Tool
  ☆19Updated 3 years ago
• CompassSecurity / Readinizer
  Microsoft GPO Readiness Lateral Movement Detection Tool
  ☆15Updated last year
• nasbench / C2-Matrix-Indicators
  This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix
  ☆72Updated 2 years ago
• iThreatopedia / iThreatopedia.github.io
  A happy place for detection engineers, purple teamers and threat hunters focusing on macOS.
  ☆20Updated 2 years ago
• ezaspy / elrond
  Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.
  ☆29Updated 2 months ago
• cocaman / analysis_scripts
  Collection of scripts used to analyse malware or emails
  ☆19Updated 3 years ago
• ssnkhan / adversarial-threat-modelling
  Supporting material for my presentation "Adversarial Threat Modelling — A Practical Approach to Purple Teaming in the Enterprise"
  ☆50Updated 2 years ago
• AndrewRathbun / Anti-Forensics-VHDX
  A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. P…
  ☆25Updated last year
• edelucia / rules
  Cyber Threats Detection Rules
  ☆13Updated last week
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆49Updated 2 months ago
• n3l5 / irMempull
  PowerShell Memory Pulling script
  ☆19Updated 9 years ago
• tsale / BlueSploit
  BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review.
  ☆32Updated 4 years ago
• cudeso / CSIRT-Jump-Bag
  CSIRT Jump Bag
  ☆26Updated 4 months ago
• rj-chap / ransomware_tips
  Random tips and tricks RE: ransomware
  ☆14Updated 3 years ago
• stvemillertime / RonnieColemanYARAParser
  An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.
  ☆21Updated last year
• vadim-hunter / Threat-Hunters-KB
  Threat Hunter's Knowledge Base
  ☆21Updated 2 years ago
• ValcanK / HomeLab
  ☆19Updated 3 years ago
• keydet89 / IWSBook
  Site for IWS book content
  ☆18Updated 5 years ago
• swisscom / PowerSponse
  PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response.
  ☆38Updated 2 years ago
• chihebchebbi / Azure-Sentinel-Hive-Playbook
  Send High & New Incidents to The Hive incident management Platform
  ☆17Updated 3 years ago
• johnfranolich / Hunting-Scripts
  A collection of hunting and blue team scripts. Mostly others, some my own.
  ☆37Updated last year
• ninoseki / iocingestor
  An extendable tool to extract and aggregate IoCs from threat feeds
  ☆32Updated 7 months ago
• Hestat / calamity
  A script to assist in processing forensic RAM captures for malware triage
  ☆27Updated 3 years ago
• rkovar / ransomwarelegality
  Can you pay the ransom in your country?
  ☆13Updated 9 months ago
• dwmetz / PSHero
  PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.
  ☆35Updated last year
• cocaman / yara-scan-service
  Repository for scripts and tips for "Yara Scan Service"
  ☆20Updated last year
• sans-blue-team / sec555-mdwiki-v1
  ☆10Updated 3 years ago
• threathunters-io / QLOG
  Windows Security Logging
  ☆43Updated 2 years ago
• mandiant / goauditparser
  ☆42Updated last year