ReconInfoSec / rhq

Licence: other
Recon Hunt Queries

Projects that are alternatives of or similar to rhq

MindMaps
#ThreatHunting #DFIR #Malware #Detection Mind Maps
Stars: ✭ 224 (+239.39%)
Mutual labels:  incident-response, dfir, threat-hunting
Threatpinchlookup
Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension
Stars: ✭ 257 (+289.39%)
Mutual labels:  incident-response, dfir, threat-hunting
Threathunting
A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
Stars: ✭ 738 (+1018.18%)
Mutual labels:  dfir, threat-hunting, mitre-attack
Sysmon Modular
A repository of sysmon configuration modules
Stars: ✭ 1,229 (+1762.12%)
Mutual labels:  dfir, threat-hunting, mitre-attack
Oriana
Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a web layer to help defenders identify outliers and suspicious behavior in corporate environments.
Stars: ✭ 152 (+130.3%)
Mutual labels:  incident-response, dfir, threat-hunting
Detectionlabelk
DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.
Stars: ✭ 273 (+313.64%)
Mutual labels:  dfir, threat-hunting, osquery
Evtx Attack Samples
Windows Events Attack Samples
Stars: ✭ 1,243 (+1783.33%)
Mutual labels:  dfir, threat-hunting, mitre-attack
Attackdatamap
A data source assessment at the event level to show potential coverage of the MITRE ATT&CK framework
Stars: ✭ 264 (+300%)
Mutual labels:  dfir, threat-hunting, mitre-attack
Mthc
All-in-one bundle of MISP, TheHive and Cortex
Stars: ✭ 134 (+103.03%)
Mutual labels:  incident-response, dfir, threat-hunting
Threathunt
ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.
Stars: ✭ 92 (+39.39%)
Mutual labels:  incident-response, dfir, threat-hunting
Beagle
Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
Stars: ✭ 976 (+1378.79%)
Mutual labels:  incident-response, dfir, threat-hunting
ir scripts
incident response scripts
Stars: ✭ 17 (-74.24%)
Mutual labels:  incident-response, dfir, threat-hunting
Atc React
A knowledge base of actionable Incident Response techniques
Stars: ✭ 226 (+242.42%)
Mutual labels:  incident-response, dfir, mitre-attack
fastfinder
Incident Response - Fast suspicious file finder
Stars: ✭ 116 (+75.76%)
Mutual labels:  incident-response, dfir, threat-hunting
INDXRipper
Carve file metadata from NTFS index ($I30) attributes
Stars: ✭ 32 (-51.52%)
Mutual labels:  incident-response, dfir
SIGMA-detection-rules
Set of SIGMA rules (>250) mapped to MITRE ATT&CK tactics and techniques
Stars: ✭ 97 (+46.97%)
Mutual labels:  threat-hunting, mitre-attack
Azure-Sentinel-4-SecOps
Microsoft Sentinel SOC Operations
Stars: ✭ 140 (+112.12%)
Mutual labels:  incident-response, threat-hunting
MEAT
This toolkit aims to help forensicators perform different kinds of acquisitions on iOS devices
Stars: ✭ 101 (+53.03%)
Mutual labels:  incident-response, dfir
PowerGRR
PowerGRR is an API client library in PowerShell working on Windows, Linux and macOS for GRR automation and scripting.
Stars: ✭ 52 (-21.21%)
Mutual labels:  incident-response, threat-hunting
CDIR
CDIR (Cyber Defense Institute Incident Response) Collector - live collection tool based on OSS tools/libraries
Stars: ✭ 122 (+84.85%)
Mutual labels:  incident-response, dfir