trellix-enterprise / ac3-threat-sightings
A threat sighting collects the behavior of a real threats and the observables used during its engagement.
☆13Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for ac3-threat-sightings
- Augmentation to Machine Readable CTI☆25Updated 2 months ago
- A new Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) to empower your team and create lasting value. Inspired by Industry N…☆19Updated 3 months ago
- Powershell sandboxing utility☆17Updated 3 weeks ago
- Jupyter Notebooks for Cyber Threat Intelligence☆35Updated last year
- my MSTICpy practice and custom tools repository☆11Updated 2 weeks ago
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…☆27Updated last month
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365☆20Updated last month
- Library of threat hunts to get any user started!☆40Updated 4 years ago
- Azure function to insert MISP data in to Azure Sentinel☆30Updated 2 years ago
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.☆21Updated 2 years ago
- This repository includes a mapping table and a reference process that allows converting between STIX 2.1 Course of Action objects that ma…☆15Updated 2 years ago
- Remote access and Antivirus Logging Database☆41Updated 6 months ago
- Scripts to integrate DFIR-IRIS, MISP and TimeSketch☆31Updated 2 years ago
- A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX.☆15Updated 3 weeks ago
- Sigma detection rules for hunting with the threathunting-keywords project☆47Updated 2 weeks ago
- A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab.☆20Updated 3 years ago
- The core backend server handling API requests and task management☆31Updated 2 weeks ago
- Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" json files.☆34Updated 2 years ago
- Cyber Threats Detection Rules☆13Updated 2 months ago
- MasterParser is a simple, all-in-one, digital forensics artifact parser☆23Updated 3 years ago
- A cyber threat intelligence chatbot that ingested 2200+ reports from vx-underground.☆19Updated 7 months ago
- ☆31Updated last month
- ☆15Updated 3 years ago
- Threat Box Assessment Tool☆19Updated 3 years ago
- ☆19Updated last year
- PowerShell scripts for running Magnet RESPONSE forensic collection tool in large enterprises.☆22Updated 6 months ago
- 100 Days of YARA to be updated with rules & ideas as the year progresses☆56Updated last year
- Repository with Sample threat hunting notebooks on Security Event Log Data Sources☆58Updated last year
- Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.☆35Updated 11 months ago