wagga40 / Mitre2Datatables

Related projects: ⓘ

• wagga40 / Zircolite-Rules
  Sigma rules converted for direct use with Zircolite
  ☆10Updated this week
• SigmaHQ / pySigma-backend-splunk
  pySigma Splunk backend
  ☆33Updated 5 months ago
• Velocidex / velociraptor-docs
  Documentation site for Velociraptor
  ☆35Updated this week
• cudeso / misp-tip-of-the-week
  A collection of tips for using MISP.
  ☆74Updated 5 months ago
• cudeso / dfir-iris-misp-timesketch
  Scripts to integrate DFIR-IRIS, MISP and TimeSketch
  ☆30Updated 2 years ago
• NextronSystems / evtx-baseline
  A repository hosting example goodware evtx logs containing sample software installation and basic user interaction
  ☆66Updated 10 months ago
• guardsight / gsvsoc_mission-model
  Incident Response Report Using GitHub-Sphinx
  ☆19Updated 4 years ago
• svch0stz / TheThreatHuntLibrary
  Library of threat hunts to get any user started!
  ☆40Updated 4 years ago
• zolderio / misp-to-sentinel
  Azure function to insert MISP data in to Azure Sentinel
  ☆30Updated last year
• invictus-ir / o365_dataset
  A dataset containing Office 365 Unified Audit Logs for security research and detection
  ☆41Updated 2 years ago
• 00010111 / smbtimeline
  ☆28Updated last year
• corelight / Dashboards-Splunk-DNS-Hunting-Beaconing
  DNS Dashboard for hunting and identifying beaconing
  ☆14Updated 4 years ago
• The-DFIR-Report / cyberchef-recipes
  ☆18Updated 2 years ago
• thremulation-station / thremulation-station
  Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.
  ☆34Updated 9 months ago
• Ruler-Project / ruler-project
  Remote access and Antivirus Logging Database
  ☆39Updated 4 months ago
• AndrewRathbun / DFIRPowerShellScripts
  Various PowerShells scripts I've made (or others have made) to automate some of the boring stuff in my everyday DFIR journey!
  ☆42Updated 2 weeks ago
• csababarta / memory-baseliner
  Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…
  ☆47Updated last year
• alwashmi / MasterParser
  MasterParser is a simple, all-in-one, digital forensics artifact parser
  ☆23Updated 3 years ago
• correlatedsecurity / SPEED-SIEM-Use-Case-Framework
  Repository for SPEED SIEM Use Case Framework
  ☆52Updated 4 years ago
• Maboalenen / DFIR
  Incident response teams usually working on the offline data, collecting the evidence, then analyze the data
  ☆44Updated 2 years ago
• swisscom / Invoke-Forensics
  Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.
  ☆108Updated 9 months ago
• tesorion / TCERT-Cumulonimbus-UAL_Extractor
  Cumulonimbus-UAL_Extractor is a PowerShell based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a…
  ☆17Updated 10 months ago
• dfirence / ma-insights-xe
  User Feedback Space of #MitreAssistant
  ☆37Updated last year
• CrowdStrike / xwf-yara-scanner
  ☆84Updated 7 months ago
• keydet89 / Events-Ripper
  Project based on RegRipper, to extract add'l value/pivot points from TLN events file
  ☆74Updated 3 weeks ago
• invictus-ir / Blue-team-app-Office-365-and-Azure
  ☆68Updated last year
• corelight / threat-hunting-guide
  ☆43Updated 2 years ago
• mthcht / ThreatHunting-Keywords-sigma-rules
  Sigma detection rules for hunting with the threathunting-keywords project
  ☆47Updated 3 weeks ago
• frack113 / sigma_redcanaryco
  Knowing which rule should trigger according to the redcannary test
  ☆10Updated 4 months ago
• west-wind / Threat-Hunting-With-Splunk
  Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise
  ☆55Updated 4 months ago