markhandy

markhandy's Stars

• rydalch/risk

  Risk management resources

  4

• Insider-Threat/Insider-Threat

  Creating a resource to help build and manage an Insider Threat program.

  559

• center-for-threat-informed-defense/insider-threat-ttp-kb

  The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders in the IT environment. It will establish an Insider Threat TTP Knowledge Base, built upon data collected on insider threat incidents and lessons learned and experience from the ATT&CK knowledge base.

  Language:Python12921

• emilyanncr/Windows-Post-Exploitation

  Windows post-exploitation tools, resources, techniques and commands to use during post-exploitation phase of penetration test. Contributions are appreciated. Enjoy!

  512117

• mitre/caldera

  Automated Adversary Emulation Platform

  Language:Python5.3k1k

• mitre/cascade-server

  CASCADE Server

  Language:Python25753

• siriussecurity/mitre-attack-mapping

  Mapping your datasources and detections to the MITRE ATT&CK Navigator framework.

  Language:Python5714

• CyberMonitor/Invoke-Adversary

  Simulating Adversary Operations

  Language:PowerShell9255

• toniblyx/my-arsenal-of-aws-security-tools

  List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

  Language:Shell8.8k1.5k

• CyberMonitor/my-arsenal-of-aws-security-tools

  List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

  Language:Shell22

• CyberMonitor/APT_CyberCriminal_Campagin_Collections

  APT & CyberCriminal Campaign Collection

  Language:YARA3.6k908

• sapphirex00/Threat-Hunting

  Personal compilation of APT malware from whitepaper releases, documents and own research

  25455

• randomuserid/OSSEM

  Open Source Security Events Metadata (OSSEM)

  4

• mdsecactivebreach/SharpPack

  An Insider Threat Toolkit

  Language:Batchfile14734

• randomuserid/Tylium

  Primary data pipelines for intrusion detection, security analytics and threat hunting

  8810

• randomuserid/Baltar

  Searches for Insider Threat Hunting

  298

• randomuserid/Adama

  Searches For Threat Hunting and Security Analytics

  24246

• OTRF/OSSEM

  Open Source Security Events Metadata (OSSEM)

  Language:Python1.2k212

• atc-project/atomic-threat-coverage

  Actionable analytics designed to combat threats

  Language:Python952159

• olafhartong/ATTACKdatamap

  A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework

  Language:PowerShell34564

• nshalabi/ATTACK-Tools

  Utilities for MITRE™ ATT&CK

  Language:HTML1k214

• blaCCkHatHacEEkr/PENTESTING-BIBLE

  articles

  12.7k2.3k

• PowerShellMafia/PowerSploit

  PowerSploit - A PowerShell Post-Exploitation Framework

  Language:PowerShell11.6k4.6k

• TonyPhipps/SIEM

  SIEM Tactics, Techiques, and Procedures

  53497

• praetorian-inc/purple-team-attack-automation

  Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs

  Language:Ruby713121

• benstew/awesome-data-exfiltration

  Curated list of awesome, open source data exfiltration tools

  504

• api0cradle/LOLBAS

  Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

  Language:XSLT1.6k346