A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.

✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️

Sysmon configuration file template with default high-quality event tracing

Utilities for Sysmon

Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.

A Linux Auditd rule set mapped to MITRE's Attack Framework

A repository with data about APTs

Incident Response Methodologies 2022

GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

A collection of resources for Threat Hunters

YARA signature and IOC database for my scanners and tools

Automation and Scaling of Digital Forensics Tools

GRR Rapid Response: remote live forensics for incident response

DFIRTrack - The Incident Response Tracking Application

An informational repo about hunting for adversaries in your IT environment.

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

A Powershell incident response framework