threat-hunting / awesome-threat-detection

Related projects ⓘ

Alternatives and complementary repositories for awesome-threat-detection

• MarkBaggett / 504lab
  Distribution of the SANS SEC504 Windows Cheat Sheet Lab
  ☆66Updated 4 years ago
• DefensiveOrigins / DO-LAB
  ☆43Updated last month
• Cyb3r-Monk / Cheat-Sheets
  Cheat sheets for threat hunting, detection and other stuff.
  ☆32Updated 2 years ago
• malwarejake-public / conference-presentations
  Conference presentations
  ☆47Updated last year
• invictus-ir / Blue-team-app-Office-365-and-Azure
  ☆70Updated last month
• correlatedsecurity / SPEED-SIEM-Use-Case-Framework
  Repository for SPEED SIEM Use Case Framework
  ☆52Updated 4 years ago
• dfir-dd / incident-response-playbooks
  Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents
  ☆38Updated 6 months ago
• RoqueNight / DefenderATP-Proactive-Threat-Hunting-Queries-KQL
  List of custom developed KQL queries to help proactive security teams hunt for opportunistic and sophisticated threat activity by develop…
  ☆23Updated 3 years ago
• MHaggis / notes
  Full of public notes and Utilities
  ☆87Updated last week
• threat-hunting / awesome-threat-intelligence
  A curated list of Awesome Threat Intelligence resources
  ☆46Updated 6 years ago
• bengoerz / PurpleTeamDocs
  ☆28Updated 4 years ago
• miladaslaner / AdvHuntingCheatSheet
  Microsoft Threat Protection Advance Hunting Cheat Sheet
  ☆78Updated 4 years ago
• cudeso / CSIRT-Jump-Bag
  CSIRT Jump Bag
  ☆27Updated 7 months ago
• mikoiv / MicrosoftSentinel-ShodanMonitor
  Ingesting Shodan Monitor Alerts to Microsoft Sentinel
  ☆33Updated last year
• brianreitz / awesome-blueteam
  A list of resources to build a information security team.
  ☆13Updated 3 years ago
• guardsight / gsvsoc_cybersecurity-incident-response-plan
  Cybersecurity Incident Response Plan
  ☆87Updated 4 years ago
• cylaris / awesomekql
  Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs
  ☆51Updated last year
• pfpt-andrew / Rapid-Response-Reporting
  RRR (Rapid Response Reporting) is a collection of Incident Response Report objects. They are designed to help incident responders provid…
  ☆36Updated 2 years ago
• reversinglabs / reversinglabs-siem-rules
  A collection of various SIEM rules relating to malware family groups.
  ☆62Updated 5 months ago
• DFIRmadness / infosec-fortress
  A python script to turn Ubuntu Desktop in a one stop security platform. The InfoSec Fortress installs the packages,tools, and resources t…
  ☆50Updated 2 years ago
• activecm / threat-hunting-labs
  Collection of walkthroughs on various threat hunting techniques
  ☆75Updated 4 years ago
• TheHive-Project / DigitalShadows2TH
  DigitalShadows Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform
  ☆35Updated 5 years ago
• swisscom / Invoke-Forensics
  Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.
  ☆109Updated 11 months ago
• FirmGuardian / backdoors-and-breaches-pcio
  A port of BHIS's Backdoors & Breaches for playingcards.io
  ☆60Updated last year
• rj-chap / BaselineTraining
  Notes from my "Implementing a Kick-Butt Training Program: Blue Team GO!" talk
  ☆12Updated 5 years ago
• aboutsecurity / jupyter-notebooks
  My Jupyter Notebooks
  ☆36Updated 7 months ago
• elysiumsecurityltd / IRM
  Incident Response Methodologies (IRM), also called Incident Playbook, based on the work done by the CERT Societe General
  ☆23Updated 2 years ago
• invictus-ir / o365_dataset
  A dataset containing Office 365 Unified Audit Logs for security research and detection
  ☆48Updated 2 years ago
• NorthfieldCreative / splunk-crowdstrike-event-queries
  ☆13Updated 2 years ago
• AtomicGaryBusey / AzureForensics
  ☆29Updated 3 years ago