MindMaps: #ThreatHunting #DFIR #Malware #Detection Mind Maps
Stars: ✭ 224 (+239.39%)
Mutual labels: incident-response, dfir, threat-hunting
Threatpinchlookup: Documentation and sharing repository for the ThreatPinch Lookup Chrome & Firefox extension
Stars: ✭ 257 (+289.39%)
Mutual labels: incident-response, dfir, threat-hunting
Threathunting: A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
Stars: ✭ 738 (+1018.18%)
Mutual labels: dfir, threat-hunting, mitre-attack
Sysmon Modular: A repository of Sysmon configuration modules
Stars: ✭ 1,229 (+1762.12%)
Mutual labels: dfir, threat-hunting, mitre-attack
Oriana: Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a web layer to help defenders identify outliers and suspicious behavior in corporate environments.
Stars: ✭ 152 (+130.3%)
Mutual labels: incident-response, dfir, threat-hunting
Detectionlabelk: DetectionLabELK is a fork of DetectionLab with the ELK stack instead of Splunk.
Stars: ✭ 273 (+313.64%)
Mutual labels: dfir, threat-hunting, osquery
Evtx Attack Samples: Windows event (EVTX) attack samples
Stars: ✭ 1,243 (+1783.33%)
Mutual labels: dfir, threat-hunting, mitre-attack
Attackdatamap: A data source assessment at the event level to show potential coverage of the MITRE ATT&CK framework
Stars: ✭ 264 (+300%)
Mutual labels: dfir, threat-hunting, mitre-attack
Mthc: All-in-one bundle of MISP, TheHive and Cortex
Stars: ✭ 134 (+103.03%)
Mutual labels: incident-response, dfir, threat-hunting
Threathunt: ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.
Stars: ✭ 92 (+39.39%)
Mutual labels: incident-response, dfir, threat-hunting
Beagle: Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
Stars: ✭ 976 (+1378.79%)
Mutual labels: incident-response, dfir, threat-hunting
ir scripts: Incident response scripts
Stars: ✭ 17 (-74.24%)
Mutual labels: incident-response, dfir, threat-hunting
Atc React: A knowledge base of actionable incident response techniques
Stars: ✭ 226 (+242.42%)
Mutual labels: incident-response, dfir, mitre-attack
fastfinder: Incident response fast suspicious file finder
Stars: ✭ 116 (+75.76%)
Mutual labels: incident-response, dfir, threat-hunting
INDXRipper: Carve file metadata from NTFS index ($I30) attributes
Stars: ✭ 32 (-51.52%)
Mutual labels: incident-response, dfir
SIGMA-detection-rules: Set of SIGMA rules (>250) mapped to MITRE ATT&CK tactics and techniques
Stars: ✭ 97 (+46.97%)
Mutual labels: threat-hunting, mitre-attack
Azure-Sentinel-4-SecOps: Microsoft Sentinel SOC operations
Stars: ✭ 140 (+112.12%)
Mutual labels: incident-response, threat-hunting
MEAT: This toolkit aims to help forensicators perform different kinds of acquisitions on iOS devices
Stars: ✭ 101 (+53.03%)
Mutual labels: incident-response, dfir
PowerGRR: PowerGRR is an API client library in PowerShell, working on Windows, Linux and macOS, for GRR automation and scripting.
Stars: ✭ 52 (-21.21%)
Mutual labels: incident-response, threat-hunting
CDIR: CDIR (Cyber Defense Institute Incident Response) Collector, a live collection tool built on open-source tools and libraries
Stars: ✭ 122 (+84.85%)
Mutual labels: incident-response, dfir