Pinned Repositories
AIMOD2
Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proactively identify, engage and prevent cyber threats, denying or mitigating potential damage to the organization.
airthingsnest
Airthings + Nest Integration to maintain air quality and temp
angular-translate
Translating your AngularJS 1.x apps
appium
Automation for iOS, Android, and Windows Apps.
APT_CyberCriminal_Campaign
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
binaryalert
BinaryAlert: Serverless, Real-time & Retroactive Malware Detection
gsuite-oauth-third-party-app-report
Start enforcing G Suite third-party apps via OAuth
maxmind-graphql
GraphQL API for MaxMind DB Reader
threat-detection-engineering-reference
Resource for all things threat detection
erickatwork's Repositories
erickatwork/threat-detection-engineering-reference
Resource for all things threat detection
erickatwork/AIMOD2
Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proactively identify, engage and prevent cyber threats, denying or mitigating potential damage to the organization.
erickatwork/airthingsnest
Airthings + Nest Integration to maintain air quality and temp
erickatwork/angular-translate
Translating your AngularJS 1.x apps
erickatwork/appium
Automation for iOS, Android, and Windows Apps.
erickatwork/atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
erickatwork/cartography
Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.
erickatwork/CortexDocs
Documentation of Cortex
erickatwork/docker-misp
Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing
erickatwork/falco
Cloud Native Runtime Security
erickatwork/maxmind-graphql
GraphQL API for MaxMind DB Reader
erickatwork/detection-engineering-maturity-matrix
erickatwork/domainthreat
Newly registered Domain Monitoring to detect phishing and brand impersonation with subdomain enumeration and source code scraping
erickatwork/incident-notification-copy
Repo of customer notifications
erickatwork/insightconnect-plugins
Plugin source code for the InsightConnect SOAR product, developer documentation at komand.github.io/python/start.html
erickatwork/matterport-dl
A downloader for matterport virtual tours
erickatwork/MISP
MISP (core software) - Open Source Threat Intelligence and Sharing Platform (formerly known as Malware Information Sharing Platform)
erickatwork/misp-modules
Modules for expansion services, import and export in MISP
erickatwork/my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
erickatwork/osquery
SQL powered operating system instrumentation, monitoring, and analytics.
erickatwork/pandasql
sqldf for pandas
erickatwork/Print-Tuning-Guide
erickatwork/python-actions
GitHub Actions for Python packaging and distribution
erickatwork/sigma
Main Sigma Rule Repository
erickatwork/splunk-sdk-python
Splunk Software Development Kit for Python
erickatwork/stratus-red-team
Granular, Actionable Adversary Emulation for the Cloud
erickatwork/streamalert
StreamAlert is a serverless, real-time data analysis framework which empowers you to ingest, analyze, and alert on data from any environment, using data sources and alerting logic you define. Also, we are hiring!
erickatwork/templates
Document templates for open-source projects (README, CONTRIBUTING, GitHub templates)
erickatwork/verizon-dbir-reports
This is a repository of the Verizon DBIRs because the older ones are hard to find online.
erickatwork/vscode
Visual Studio Code