trellix-enterprise / ac3-threat-sightings

Related projects ⓘ

Alternatives and complementary repositories for ac3-threat-sightings

• opencybersecurityalliance / oca-iob
  Augmentation to Machine Readable CTI
  ☆25Updated last month
• g-les / 100DaysofYARA
  100 Days of YARA to be updated with rules & ideas as the year progresses
  ☆56Updated last year
• ConnorShride / box-ps
  Powershell sandboxing utility
  ☆17Updated 2 weeks ago
• NextronSystems / evtx-baseline
  A repository hosting example goodware evtx logs containing sample software installation and basic user interaction
  ☆68Updated 11 months ago
• zolderio / misp-to-sentinel
  Azure function to insert MISP data in to Azure Sentinel
  ☆30Updated 2 years ago
• Neo23x0 / yaraQA
  YARA rule analyzer to improve rule quality and performance
  ☆93Updated 11 months ago
• svch0stz / TheThreatHuntLibrary
  Library of threat hunts to get any user started!
  ☆40Updated 4 years ago
• iknowjason / Velociraptor_Azure
  A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab.
  ☆20Updated 3 years ago
• invoke-eric / jupyter
  Jupyter Notebooks for Cyber Threat Intelligence
  ☆35Updated last year
• center-for-threat-informed-defense / summiting-the-pyramid
  Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…
  ☆26Updated 3 weeks ago
• Karib0u / CTrag
  A cyber threat intelligence chatbot that ingested 2200+ reports from vx-underground.
  ☆19Updated 7 months ago
• Tatsuya-hasegawa / MSTICPy_utils
  my MSTICpy practice and custom tools repository
  ☆11Updated this week
• fkie-cad / amides
  An Adaptive Misuse Detection System
  ☆29Updated this week
• stvemillertime / Cerebro
  Scripts and lists to help generate YARA friendly string mutations
  ☆19Updated last year
• cudeso / dfir-iris-misp-timesketch
  Scripts to integrate DFIR-IRIS, MISP and TimeSketch
  ☆31Updated 2 years ago
• dfir-ronin / APT-OpenIOC-Detection-Rules
  This repository contains OpenIOC rules to aid in hunting for indicators of compromise and TTPs focused on Advanced Persistent Threat grou…
  ☆21Updated last year
• AttackIQ / SigmAIQ
  A pySigma wrapper and langchain toolkit for automatic rule creation/translation
  ☆66Updated this week
• ashwin-patil / threat-hunting-with-notebooks
  Repository with Sample threat hunting notebooks on Security Event Log Data Sources
  ☆58Updated last year
• jstrosch / subparse
  Modular malware analysis artifact collection and correlation framework
  ☆52Updated 6 months ago
• jsecurity101 / Automated-Detection-Pipeline
  ☆15Updated 3 years ago
• CyberCX-DFIR / usnjrnl_rewind
  USN Journal full path builder
  ☆36Updated last month
• cyentific-rni / SAG
  An elevated STIX representation of the MITRE ATT&CK Groups knowledge base
  ☆23Updated 2 years ago
• M3NIX / sigmaio
  simple webapp for converting sigma rules into siem queries using the pySigma library
  ☆47Updated last year
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆50Updated 4 months ago
• tropChaud / Categorized-Adversary-TTPs
  Merge of two major cyber adversary datasets, MITRE ATT&CK and ETDA/ThaiCERT Threat Actor Cards, enabling victim/motivation-adversary-tech…
  ☆50Updated 2 years ago
• delivr-to / detections
  A home for detection content developed by the delivr.to team
  ☆59Updated 2 months ago
• mthcht / ThreatHunting-Keywords-sigma-rules
  Sigma detection rules for hunting with the threathunting-keywords project
  ☆47Updated last week
• g-les / floss2yar
  ☆15Updated 2 years ago
• cti-cmm / framework
  A new Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) to empower your team and create lasting value. Inspired by Industry N…
  ☆19Updated 3 months ago