Chen9011's starred repositories
FriendsDontLetFriends
Friends don't let friends make certain types of data visualization - What are they and why are they bad.
awesome-detection-rules
This is a collection of threat detection rules / rules engines that I have come across.
awesome-cybersecurity-blueteam
:computer:🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.
windows-itpro-docs
This is used for contributions to the Windows 10 content for IT professionals on docs.microsoft.com.
awesome-event-ids
Collection of Event ID ressources useful for Digital Forensics and Incident Response
Windows-WEC-server_auto-deploy
PowerShell scripts for fast Windows Event Collector configuration with Palantir toolset
Windows-auditing-baseline
Provides an advanced baseline to implement a secure Windows auditing strategy on Windows OS.
EVTX-to-MITRE-Attack
Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.
Windows-authentication-brutforce-cheatsheet
Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.
Microsoft-eventlog-mindmap
Set of Mindmaps providing a detailed overview of the different #Microsoft auditing capacities for Windows, Exchange, Azure,...
SIGMA-detection-rules
Set of SIGMA rules (>320) mapped to MITRE ATT&CK tactic and techniques