w8mej / ThreatPlays
Sharing Threat Hunting runbooks
☆25Updated 5 years ago
Alternatives and similar repositories for ThreatPlays:
Users that are interested in ThreatPlays are comparing it to the libraries listed below
- Repo of python/bash scripts for identifying IoC's in threat feed and other online tools☆26Updated 4 years ago
- Threat Hunter's Knowledge Base☆22Updated 3 years ago
- These are some of the commands which I use frequently during Malware Analysis and DFIR.☆24Updated last year
- Send High & New Incidents to The Hive incident management Platform☆18Updated 4 years ago
- Reference sheet for Threat Hunting Professional Course☆25Updated 6 years ago
- Recon Hunt Queries☆76Updated 3 years ago
- ☆21Updated 3 years ago
- Acheron is a RESTful vulnerability assessment and management framework built around search and dedicated to terminal extensibility.☆32Updated 2 years ago
- Repository for SPEED SIEM Use Case Framework☆53Updated 4 years ago
- A few quick recipes for those that do not have much time during the day☆22Updated 4 months ago
- Defensive Origins Training Schedule☆38Updated last year
- BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review.☆32Updated 5 years ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆52Updated 2 years ago
- Expert Investigation Guides☆51Updated 4 years ago
- FIles and guides related to using Elasticstack as a SIEM☆12Updated 4 years ago
- Powershell Scripts to work on Crowdstrike Falcon that pull back raw data relevant to forensic investigation☆22Updated 3 months ago
- Notes from my "Implementing a Kick-Butt Training Program: Blue Team GO!" talk☆12Updated 6 years ago
- A collection of hunting and blue team scripts. Mostly others, some my own.☆38Updated 2 years ago
- A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis☆26Updated 3 months ago
- A tool to modify timestamps in a packet capture to a user selected date☆31Updated 3 years ago
- Library of threat hunts to get any user started!☆42Updated 4 years ago
- ☆16Updated 4 years ago
- ☆18Updated 3 years ago
- Incident Response Playbooks☆14Updated 5 years ago
- CSIRT Jump Bag☆26Updated 10 months ago
- ☆28Updated 4 years ago
- Collection of walkthroughs on various threat hunting techniques☆75Updated 4 years ago
- Slides and Other Resources from my latest Talks and Presentations☆24Updated 4 years ago
- ☆41Updated 11 months ago
- My Jupyter Notebooks☆36Updated last week