DavidJBianco

security_content

Splunk Security Content

viper-scripts

Various Modules & Scripts for use with Viper Framework

docker-stacks

Ready-to-run Docker images containing Jupyter applications

alerting-detection-strategy-framework

A framework for developing alerting and detection strategies for incident response.

imaginaryC2

Imaginary C2 is a python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts a HTTP server which captures HTTP requests towards selectively chosen domains/IPs. Additionally, the tool aims to make it easy to replay captured Command-and-Control responses/served payloads.

malicious_url_analysis

pythontricks

All the python and Pandas tricks I keep forgetting how to do

kafka-docker

Dockerfile for Apache Kafka

HELK

The Hunting ELK

docker-elk

The Elastic stack (ELK) powered by Docker and Compose.

APTnotes

Various public documents, whitepapers and articles about APT campaigns

ThreatHunter-Playbook

A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.

sof-elk

Configuration files for the SOF-ELK VM

PowerShell

PowerShell for every system!

open-network-insight

This site has moved to the ONI organization at https://github.com/Open-Network-Insight

combine-to-neo4j

Shell script and cypher statements to load cyber threat intelligence gathered by combine.py into Neo4j

Security-Data-Analysis

A series of labs that will help users apply various data science techniques to security related data.

iocs

FireEye Publicly Shared Indicators of Compromise (IOCs)

data_hacking

Data Hacking Project