markhandy's Stars
rydalch/risk
Risk management resources
Insider-Threat/Insider-Threat
Creating a resource to help build and manage an Insider Threat program.
center-for-threat-informed-defense/insider-threat-ttp-kb
The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders in the IT environment. It will establish an Insider Threat TTP Knowledge Base, built upon data collected on insider threat incidents and lessons learned and experience from the ATT&CK knowledge base.
emilyanncr/Windows-Post-Exploitation
Windows post-exploitation tools, resources, techniques and commands to use during the post-exploitation phase of a penetration test. Contributions are appreciated. Enjoy!
mitre/caldera
Automated Adversary Emulation Platform
mitre/cascade-server
CASCADE Server
siriussecurity/mitre-attack-mapping
Mapping your datasources and detections to the MITRE ATT&CK Navigator framework.
CyberMonitor/Invoke-Adversary
Simulating Adversary Operations
toniblyx/my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
CyberMonitor/my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
CyberMonitor/APT_CyberCriminal_Campagin_Collections
APT & CyberCriminal Campaign Collection
sapphirex00/Threat-Hunting
Personal compilation of APT malware from whitepaper releases, documents and own research
randomuserid/OSSEM
Open Source Security Events Metadata (OSSEM)
mdsecactivebreach/SharpPack
An Insider Threat Toolkit
randomuserid/Tylium
Primary data pipelines for intrusion detection, security analytics and threat hunting
randomuserid/Baltar
Searches for Insider Threat Hunting
randomuserid/Adama
Searches For Threat Hunting and Security Analytics
OTRF/OSSEM
Open Source Security Events Metadata (OSSEM)
atc-project/atomic-threat-coverage
Actionable analytics designed to combat threats
olafhartong/ATTACKdatamap
A datasource assessment on an event level to show potential coverage of the MITRE ATT&CK framework
nshalabi/ATTACK-Tools
Utilities for MITRE™ ATT&CK
blaCCkHatHacEEkr/PENTESTING-BIBLE
articles
PowerShellMafia/PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
TonyPhipps/SIEM
SIEM Tactics, Techniques, and Procedures
praetorian-inc/purple-team-attack-automation
Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs
benstew/awesome-data-exfiltration
Curated list of awesome, open source data exfiltration tools
api0cradle/LOLBAS
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)