vz-risk / flow
Tools related to work with Attack Flow (https://github.com/center-for-threat-informed-defense/attack-flow)
☆43Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for flow
- CSIRT Jump Bag☆27Updated 6 months ago
- pocket guide for core threat hunting concepts☆23Updated 4 years ago
- Recon Hunt Queries☆75Updated 3 years ago
- ☆15Updated 3 years ago
- Azure function to insert MISP data in to Azure Sentinel☆30Updated 2 years ago
- The project was moved here https://github.com/atomic-threat-coverage/atomic-threat-coverage☆23Updated 5 years ago
- Web app that provides basic navigation and annotation of ATT&CK matrices☆16Updated 4 years ago
- Expert Investigation Guides☆50Updated 3 years ago
- ☆31Updated last month
- A collection of typical false positive indicators☆54Updated 3 years ago
- incident response scripts☆18Updated 5 years ago
- Jupyter notebooks☆22Updated 4 years ago
- A few quick recipes for those that do not have much time during the day☆21Updated 3 weeks ago
- Public release of Whalehoney Honeypot☆29Updated 2 years ago
- A community event for security researchers to share their favorite notebooks☆106Updated 9 months ago
- The Intelligent Process Lifecycle of Active Cyber Defenders☆31Updated last year
- MITRE Shield website☆18Updated 3 years ago
- Bot to create MISP events from data in Slack☆17Updated 10 months ago
- CyCAT.org API back-end server including crawlers☆30Updated last year
- A MITRE ATT&CK Lookup Tool☆43Updated 6 months ago
- My Jupyter Notebooks☆36Updated 7 months ago
- ☆43Updated last month
- A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis☆23Updated 4 months ago
- RRR (Rapid Response Reporting) is a collection of Incident Response Report objects. They are designed to help incident responders provid…☆36Updated 2 years ago
- Dashboards for conducting forensic investigation using windows events in Kibana☆17Updated 5 years ago
- Searches for Insider Threat Hunting☆30Updated 5 years ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆52Updated 2 years ago
- ☆28Updated 4 years ago
- Intrusion Detection Honeypots Book Code☆24Updated 4 years ago
- Site for IWS book content☆18Updated 6 years ago