ab2201

ab2201's Stars

• BlackPerl-DFIR/SOC-OpenSource

  This is a Project Designed for Security Analysts and all SOC audiences who wants to play with implementation and explore the Modern SOC architecture.

  615155

• cyb3rxp/awesome-soc

  A collection of sources of documentation, as well as field best practices, to build/run a SOC

  1.2k199

• LetsDefend/awesome-soc-analyst

  Useful resources for SOC Analyst and SOC Analyst candidates.

  589106

• Azure/Azure-Sentinel

  Cloud-native SIEM for intelligent security analytics for your entire enterprise.

  Language:Jupyter Notebook4.5k3k

• A3sal0n/CyberThreatHunting

  A collection of resources for Threat Hunters

  Language:Python845168

• orlikoski/Skadi

  Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux

  Language:Shell48971

• orlikoski/CyLR

  CyLR - Live Response Collection Tool

  Language:C#62289

• certsocietegenerale/IRM-deprecated

  Incident Response Methodologies

  1k217

• meirwah/awesome-incident-response

  A curated list of tools for incident response

  7.5k1.5k

• Azure/Azure-Sentinel-Notebooks

  Interactive Azure Sentinel Notebooks provides security insights and actions to investigate anomalies and hunt for malicious behaviors.

  Language:Jupyter Notebook547187

• phantomcyber/playbooks

  Phantom Community Playbooks

  Language:Python467198

• MISP/misp-training

  MISP trainings, threat intel and information sharing training materials with source code

  Language:TeX37484

• sans-blue-team/DeepBlueCLI

  Language:PowerShell2.2k352

• MicrosoftDocs/security

  Public repo to sync with security-pr

  Language:PowerShell198160

• guardsight/gsvsoc_cirt-playbook-battle-cards

  Cyber Incident Response Team Playbook Battle Cards

  35763

• OTRF/ThreatHunter-Playbook

  A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.

  Language:Python4k804

• netevert/sentinel-attack

  Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

  Language:HCL1.1k207

• intelowlproject/IntelOwl

  IntelOwl: manage your Threat Intelligence at scale

  Language:Python3.8k426

• counteractive/incident-response-plan-template

  A concise, directive, specific, flexible, and free incident response plan template

  Language:Makefile629219

• rmusser01/Infosec_Reference

  An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

  Language:CSS5.5k1.2k

• MicrosoftDocs/CloudAppSecurityDocs

  Public repo for CloudAppSecurityDocs-pr

  Language:PowerShell107154

• MicrosoftDocs/azure-docs

  Open source documentation of Microsoft Azure

  Language:Markdown10.2k21.4k