trellix-enterprise / ac3-threat-sightings
A threat sighting collects the behavior of a real threat and the observables used during its engagement.
☆13 · Updated 2 years ago
Related projects
Alternatives and complementary repositories for ac3-threat-sightings
- Augmentation to Machine Readable CTI ☆25 · Updated last month
- 100 Days of YARA to be updated with rules & ideas as the year progresses ☆56 · Updated last year
- Powershell sandboxing utility ☆17 · Updated 2 weeks ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction ☆68 · Updated 11 months ago
- Azure function to insert MISP data in to Azure Sentinel ☆30 · Updated 2 years ago
- YARA rule analyzer to improve rule quality and performance ☆93 · Updated 11 months ago
- Library of threat hunts to get any user started! ☆40 · Updated 4 years ago
- A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab. ☆20 · Updated 3 years ago
- Jupyter Notebooks for Cyber Threat Intelligence ☆35 · Updated last year
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research… ☆26 · Updated 3 weeks ago
- A cyber threat intelligence chatbot that ingested 2200+ reports from vx-underground. ☆19 · Updated 7 months ago
- my MSTICpy practice and custom tools repository ☆11 · Updated this week
- An Adaptive Misuse Detection System ☆29 · Updated this week
- Scripts and lists to help generate YARA friendly string mutations ☆19 · Updated last year
- Scripts to integrate DFIR-IRIS, MISP and TimeSketch ☆31 · Updated 2 years ago
- This repository contains OpenIOC rules to aid in hunting for indicators of compromise and TTPs focused on Advanced Persistent Threat grou… ☆21 · Updated last year
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation ☆66 · Updated this week
- Repository with Sample threat hunting notebooks on Security Event Log Data Sources ☆58 · Updated last year
- Modular malware analysis artifact collection and correlation framework ☆52 · Updated 6 months ago
- (no description) ☆15 · Updated 3 years ago
- USN Journal full path builder ☆36 · Updated last month
- An elevated STIX representation of the MITRE ATT&CK Groups knowledge base ☆23 · Updated 2 years ago
- simple webapp for converting sigma rules into siem queries using the pySigma library ☆47 · Updated last year
- Automatic detection engineering technical state compliance ☆50 · Updated 4 months ago
- Merge of two major cyber adversary datasets, MITRE ATT&CK and ETDA/ThaiCERT Threat Actor Cards, enabling victim/motivation-adversary-tech… ☆50 · Updated 2 years ago
- A home for detection content developed by the delivr.to team ☆59 · Updated 2 months ago
- Sigma detection rules for hunting with the threathunting-keywords project ☆47 · Updated last week
- (no description) ☆15 · Updated 2 years ago
- A new Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) to empower your team and create lasting value. Inspired by Industry N… ☆19 · Updated 3 months ago