tiburon-security / sriracha-iq
Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threat hunting, blue team assessments, audits, and security control assessments.
☆17Updated 4 years ago
Related projects: ⓘ
- A few quick recipes for those that do not have much time during the day☆21Updated 3 weeks ago
- ☆33Updated 3 years ago
- A script to create and assign SOP tasks into the cases☆18Updated 4 years ago
- Sharing Threat Hunting runbooks☆24Updated 5 years ago
- Build Automated Machine Images for MISP☆28Updated last year
- ☆12Updated 4 years ago
- Web app that provides basic navigation and annotation of ATT&CK matrices☆16Updated 3 years ago
- Using QRadar API☆20Updated 6 years ago
- A simple ReST server to lookup threat actors (by name, synonym or UUID) and returning the corresponding MISP galaxy information about the…☆47Updated 9 months ago
- Threat hunting repo for my independent study on threat hunting with OSQuery☆28Updated 6 years ago
- ☆10Updated 3 years ago
- Generic Signature Format for SIEM Systems☆14Updated 2 years ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack☆15Updated 3 years ago
- Workflows for Shuffle☆20Updated last year
- These are some of the commands which I use frequently during Malware Analysis and DFIR.☆25Updated 8 months ago
- Threat Detection & Anomaly Detection rules for popular open-source components☆49Updated 2 years ago
- incident response scripts☆18Updated 5 years ago
- Repo of python/bash scripts for identifying IoC's in threat feed and other online tools☆26Updated 4 years ago
- Example Suricata rules implementing some of my detection tactics☆20Updated last year
- Automatic detection engineering technical state compliance☆49Updated 2 months ago
- A MITRE ATT&CK Lookup Tool☆41Updated 4 months ago
- Actionable analytics designed to combat threats based on MITRE's ATT&CK.☆21Updated 5 years ago
- Python parser for Red Canary's Atomic Red Team Yamls☆27Updated 5 years ago
- Docker Container to deploy Mitre Caldera Automated Adversary Emulation System☆24Updated 3 years ago
- Subscriptions to collect Windows Event Logs mapped to the MITRE ATT&CK model☆12Updated 3 years ago
- ☆20Updated this week
- DNS Dashboard for hunting and identifying beaconing☆14Updated 4 years ago
- List of sigma for a variety of threats for multiple log sources.☆10Updated 5 years ago
- Best practices in threat intelligence☆46Updated last year