svch0stz / TheThreatHuntLibrary
Library of threat hunts to get any user started!
☆44Updated 4 years ago
Alternatives and similar repositories for TheThreatHuntLibrary:
Users that are interested in TheThreatHuntLibrary are comparing it to the libraries listed below
- User Feedback Space of #MitreAssistant☆37Updated last year
- Repository with Sample threat hunting notebooks on Security Event Log Data Sources☆63Updated 2 years ago
- Sigma detection rules for hunting with the threathunting-keywords project☆55Updated last month
- Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems.☆15Updated last year
- ☆87Updated last year
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise☆61Updated 11 months ago
- Incident response teams usually working on the offline data, collecting the evidence, then analyze the data☆44Updated 3 years ago
- Security Content for the PEAK Threat Hunting Framework☆28Updated last year
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique☆67Updated last year
- ☆34Updated 6 months ago
- ☆21Updated 2 years ago
- CarbonBlack EDR detection rules and response actions☆71Updated 7 months ago
- Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.☆38Updated last year
- Cyber Threats Detection Rules☆14Updated 3 months ago
- Script to automate Linux live evidence collection☆27Updated 2 years ago
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…☆37Updated last month
- Automated detection rule analysis utility☆29Updated 2 years ago
- Threat Detection & Anomaly Detection rules for popular open-source components☆51Updated 2 years ago
- Merge of two major cyber adversary datasets, MITRE ATT&CK and ETDA/ThaiCERT Threat Actor Cards, enabling victim/motivation-adversary-tech…☆53Updated 2 years ago
- ☆19Updated 2 years ago
- Random notes collected on the intertubes relating to DFIR☆32Updated last year
- simple webapp for converting sigma rules into siem queries using the pySigma library☆47Updated last year
- SigmaHQ pySigma CrowdStrike processing pipeline☆24Updated 6 months ago
- A new Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) to empower your team and create lasting value. Inspired by Industry N…☆28Updated this week
- A collection of tips for using MISP.☆74Updated 4 months ago
- Repository for SPEED SIEM Use Case Framework☆53Updated 4 years ago
- This repo is where I store my Threat Hunting ideas/content☆87Updated last year
- Full of public notes and Utilities☆98Updated 2 months ago
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365☆20Updated 6 months ago
- Jupyter Notebooks for Cyber Threat Intelligence☆35Updated last year