zolderio / misp-to-sentinel
Azure function to insert MISP data in to Azure Sentinel
☆30Updated last year
Related projects: ⓘ
- ☆68Updated last year
- Sigma detection rules for hunting with the threathunting-keywords project☆47Updated 2 weeks ago
- Cumulonimbus-UAL_Extractor is a PowerShell based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a…☆17Updated 10 months ago
- Remote access and Antivirus Logging Database☆39Updated 4 months ago
- Collection of scripts/resources/ideas for attack surface reduction and additional logging to enable better threat hunting on Windows endp…☆38Updated 5 months ago
- ☆40Updated last year
- ASR Configurator, Essentials and Atomic Testing☆32Updated 3 weeks ago
- Slides of my public talks☆46Updated 9 months ago
- ESXi Cyber Security Incident Response Script☆19Updated 2 weeks ago
- RRR (Rapid Response Reporting) is a collection of Incident Response Report objects. They are designed to help incident responders provid…☆36Updated 2 years ago
- General Content☆19Updated 2 months ago
- ☆28Updated 3 years ago
- ☆19Updated last year
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆47Updated last year
- ☆42Updated 3 months ago
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆74Updated 3 weeks ago
- ☆48Updated last year
- Hunting Malicious Macros SANS Threathunting Summit 2021 Materials☆40Updated 2 years ago
- User Feedback Space of #MitreAssistant☆37Updated last year
- Random tips and tricks RE: ransomware☆14Updated 3 years ago
- The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects…☆35Updated 3 years ago
- A collection of tips for using MISP.☆74Updated 5 months ago
- The ultimate solution for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.☆21Updated 3 weeks ago
- A PowerShell incident response script for quick triage☆75Updated 2 years ago
- A dataset containing Office 365 Unified Audit Logs for security research and detection☆41Updated 2 years ago
- Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.☆108Updated 9 months ago
- Test case indexes☆35Updated 2 months ago
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.☆21Updated last year
- Pushes Sysmon Configs☆89Updated 3 years ago
- ☆29Updated 2 years ago