ktb-jcm

ktb-jcm's Stars

• vxunderground/MalwareSourceCode

  Collection of malware source code for a variety of platforms in an array of different programming languages.

  Language:Assembly15.6k1.7k

• zolderio/misp-to-sentinel

  Azure function to insert MISP data in to Azure Sentinel

  Language:Python308

• davehull/Kansa

  A Powershell incident response framework

  Language:PowerShell1.5k265

• microsoft/OMS-Agent-for-Linux

  Language:Ruby410311

• maxmind/geoip-api-c

  DEPRECATED GeoIP Legacy C API

  Language:C370129

• maxmind/MaxMind-DB-Reader-php

  PHP Reader for the MaxMind DB Database Format

  Language:PHP63980

• cylaris/awesomekql

  Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs

  505

• atc-project/atomic-threat-coverage

  Actionable analytics designed to combat threats

  Language:Python964157

• SwiftOnSecurity/SwiftFilter

  Exchange Transport rules to detect and enable response to phishing

  40263

• OfficeDev/O365-ActivityFeed-AzureFunction

  Azure function that processes incoming notifications from the O365 Activity API

  Language:PowerShell4434

• cyberark/BlobHunter

  Find exposed data in Azure with this public blob scanner

  Language:Python30754

• RH-ISAC/misp-docker

  MISP Docker (XME edition)

  Language:Shell2

• RH-ISAC/PyOTI

  Python library for threat intelligence

  Language:Python796

• microsoft/Microsoft-365-Defender-Hunting-Queries

  Sample queries for Advanced hunting in Microsoft 365 Defender

  Language:Jupyter Notebook1.9k531

• miladaslaner/AdvHuntingCheatSheet

  Microsoft Threat Protection Advance Hunting Cheat Sheet

  765

• andrewsmhay/web2intel

  Language:Ruby53

• microsoft/PowerToys

  Windows system utilities to maximize productivity

  Language:C#110k6.5k

• MITRECND/chopshop

  Protocol Analysis/Decoder Framework

  Language:Python487112

• kbandla/APTnotes

  Various public documents, whitepapers and articles about APT campaigns

  3.5k879

• vz-risk/veris

  Vocabulary for Event Recording and Incident Sharing (VERIS)

  Language:HTML566161

• swimlane/pyattck

  A Python package to interact with the Mitre ATT&CK Framework

  Language:Python46787

• reprise99/Sentinel-Queries

  Collection of KQL queries

  1.4k333

• rabobank-cdc/DeTTECT

  Detect Tactics, Techniques & Combat Threats

  Language:SCSS2k333

• cfalta/MicrosoftWontFixList

  A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))

  934100

• wortell/AZSentinel

  PowerShell module for Azure Sentinel

  Language:PowerShell22982

• ManagedSentinel/AzureSentinelKQLScripts

  Various tools used to monitor and troubleshoot Azure Sentinel data

  278

• Azure/Azure-Sentinel-Notebooks

  Interactive Azure Sentinel Notebooks provides security insights and actions to investigate anomalies and hunt for malicious behaviors.

  Language:Jupyter Notebook547187

• Azure/Azure-Sentinel

  Cloud-native SIEM for intelligent security analytics for your entire enterprise.

  Language:Jupyter Notebook4.5k3k

• javiersoriano/sentinelascode

  Enable the automatic deployment of Azure Sentinel using code

  Language:PowerShell110105