vz-risk / flow
Tools related to work with Attack Flow (https://github.com/center-for-threat-informed-defense/attack-flow)
☆43Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for flow
- CSIRT Jump Bag☆27Updated 6 months ago
- The Intelligent Process Lifecycle of Active Cyber Defenders☆31Updated last year
- Jupyter notebooks☆22Updated 4 years ago
- Recon Hunt Queries☆75Updated 3 years ago
- MITRE Shield website☆18Updated 3 years ago
- A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis☆23Updated 4 months ago
- Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop☆56Updated 3 weeks ago
- ☆15Updated 3 years ago
- pocket guide for core threat hunting concepts☆23Updated 4 years ago
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents☆37Updated 6 months ago
- Web app that provides basic navigation and annotation of ATT&CK matrices☆16Updated 4 years ago
- Automatic detection engineering technical state compliance☆50Updated 4 months ago
- Azure function to insert MISP data in to Azure Sentinel☆30Updated 2 years ago
- Defensive Origins Training Schedule☆35Updated 10 months ago
- A MITRE ATT&CK Lookup Tool☆43Updated 6 months ago
- ☆28Updated 3 years ago
- My Jupyter Notebooks☆36Updated 7 months ago
- Expert Investigation Guides☆50Updated 3 years ago
- An elevated STIX representation of the MITRE ATT&CK Groups knowledge base☆23Updated 2 years ago
- A script to create and assign SOP tasks into the cases☆18Updated 4 years ago
- Sharing Threat Hunting runbooks☆24Updated 5 years ago
- Attack Tool Timing and Reporting - Structured Attack Logging Format☆21Updated 2 years ago
- ☆58Updated 2 years ago
- A collection of hunting and blue team scripts. Mostly others, some my own.☆38Updated last year
- pollen - A command-line tool for interacting with TheHive☆34Updated 5 years ago
- The project was moved here https://github.com/atomic-threat-coverage/atomic-threat-coverage☆23Updated 5 years ago
- A tool to modify timestamps in a packet capture to a user selected date☆31Updated 3 years ago
- Threat Box Assessment Tool☆19Updated 3 years ago
- CyCAT.org API back-end server including crawlers☆30Updated last year
- Dashboards for conducting forensic investigation using windows events in Kibana☆17Updated 5 years ago