w8mej / ThreatPlays
Sharing Threat Hunting runbooks
☆25Updated 5 years ago
Alternatives and similar repositories for ThreatPlays:
Users that are interested in ThreatPlays are comparing it to the libraries listed below
- Repo of python/bash scripts for identifying IoC's in threat feed and other online tools☆26Updated 4 years ago
- These are some of the commands which I use frequently during Malware Analysis and DFIR.☆24Updated last year
- Collection of walkthroughs on various threat hunting techniques☆75Updated 4 years ago
- Send High & New Incidents to The Hive incident management Platform☆18Updated 4 years ago
- FIles and guides related to using Elasticstack as a SIEM☆12Updated 4 years ago
- Incident Response Playbooks☆14Updated 5 years ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆52Updated 2 years ago
- A few quick recipes for those that do not have much time during the day☆22Updated 4 months ago
- Reference sheet for Threat Hunting Professional Course☆25Updated 6 years ago
- The project was moved here https://github.com/atomic-threat-coverage/atomic-threat-coverage☆24Updated 5 years ago
- ☆77Updated 5 years ago
- Repository for SPEED SIEM Use Case Framework☆53Updated 4 years ago
- A collection of hunting and blue team scripts. Mostly others, some my own.☆38Updated 2 years ago
- Expert Investigation Guides☆51Updated 3 years ago
- ☆21Updated 3 years ago
- ☆11Updated 4 years ago
- ☆28Updated 4 years ago
- ☆30Updated 6 years ago
- Lokix Platform is a free open-source solution to help blue teams and threat hunters use Loki Scanner to sweep enterprise networks☆25Updated 4 years ago
- Recon Hunt Queries☆76Updated 3 years ago
- Slides and Other Resources from my latest Talks and Presentations☆24Updated 4 years ago
- List of PowerShell commands and commandlets that should be in your Powershel watchlist☆37Updated 3 years ago
- ☆16Updated 4 years ago
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents☆39Updated 10 months ago
- Threat Hunter's Knowledge Base☆22Updated 3 years ago
- Defensive Origins Training Schedule☆38Updated last year
- Incident response teams usually working on the offline data, collecting the evidence, then analyze the data☆44Updated 3 years ago
- Library of threat hunts to get any user started!☆42Updated 4 years ago
- A tool to modify timestamps in a packet capture to a user selected date☆31Updated 3 years ago
- Best practices in threat intelligence☆46Updated 2 years ago