Written using .NET Interactive Notebooks, Markdown, and PowerShell.

Threat Hunting Notebooks

Threat hunting notebooks written in Markdown, PowerShell, IPython, and the Velociraptor Query Language (VQL).

Getting Started

git clone https://github.com/cyberphor/threat-hunting-notebooks
cd threat-hunting-notebooks/
docker-compose up

References

Crafting the InfoSec Playbook: Security Monitoring and Incident Response Master Plan
https://www.oreilly.com/library/view/crafting-the-infosec/9781491913598/

SOC Automation with PowerShell Interactive Notebooks
https://www.youtube.com/watch?v=NLyLVb_ZoQE&list=PLrbp84dkrk142C7Lta8wWuG3lb93r2wR8&index=6

Chairman of the Joint Chiefs of Staff Manual (CJCSM) 6501.01B - Cyber Incident Handling Program
https://www.jcs.mil/Portals/36/Documents/Library/Manuals/m651001.pdf?ver=2016-02-05-175710-897

Copyright

This project is licensed under the terms of the MIT License.