tines / stories
☆12 · Updated 2 years ago
Related projects
Alternatives and complementary repositories for stories
- A few quick recipes for those who do not have much time during the day ☆21 · Updated 2 weeks ago
- This repository contains the research and components of our work on using Sigma for AWS incident response. ☆24 · Updated last year
- CyCAT.org taxonomies ☆14 · Updated 3 years ago
- Stupid Simple Detection Testing ☆11 · Updated 8 months ago
- Visual Studio Code extension for MITRE ATT&CK ☆52 · Updated 4 months ago
- Tools related to working with Attack Flow (https://github.com/center-for-threat-informed-defense/attack-flow) ☆43 · Updated 2 years ago
- A Python script to acquire multiple AWS EC2 instances in a forensically sound-ish way ☆37 · Updated 3 years ago
- Legal, procedural and policy document templates for operating MISP and information sharing communities ☆37 · Updated last year
- Materials for the BSides NoVA/Charleston 2018 Bro Workshop ☆14 · Updated last year
- Integration between the MISP platform and McAfee MVISION EDR ☆14 · Updated 2 years ago
- Workflows for Shuffle ☆20 · Updated 2 years ago
- defendA Data Lake. A firehose pipeline to Athena providing enrichment and normalization for security events ☆16 · Updated last year
- Recipes for GCHQ's CyberChef Web App ☆35 · Updated 5 years ago
- A Packer utility to create and capture a DFIR image for use in AWS & Azure ☆14 · Updated 5 years ago
- The following repository contains source code used in my two books. ☆10 · Updated 9 years ago
- Serverless, real-time ClamAV+Yara scanning for your S3 buckets ☆32 · Updated 5 months ago
- Updated incident response generator for training classes ☆41 · Updated 3 years ago
- Can you pay the ransom in your country? ☆13 · Updated 10 months ago
- Sharing Threat Hunting runbooks ☆24 · Updated 5 years ago
- Azure Activity Log Axe is a continually developing tool that simplifies the transactional log format provided by Microsoft. The tool leve… ☆22 · Updated 2 months ago
- Remotely collect Linux live forensics artifacts. ☆13 · Updated 2 years ago
- CyCAT.org API back-end server including crawlers ☆30 · Updated last year
- TITO is a light framework for operationalizing threat intelligence that is platform and data agnostic. ☆20 · Updated 4 years ago
- The Event Maturity Matrix (EMM) is a comprehensive framework that provides clarity regarding the capabilities and nuances of SaaS audit l… ☆17 · Updated 2 months ago
- ATT&CK Sync is a Center for Threat-Informed Defense project that aims to improve the ability for organizations to consume MITRE ATT&CK® v… ☆16 · Updated last week