GenRockeR

mpsiemlib

MP SIEM SDK

awesome-cybersecurity-blueteam

:computer:🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.

awesome-forensics

A curated list of awesome forensic analysis tools and resources

awesome-python

A curated list of awesome Python frameworks, libraries, software and resources

awesome-security

A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.

ChooseYourSIEMAdventure

cybersecurity-forensics

A collection of forensics tools, software, libraries, learning tutorials, frameworks, academic and practical resources in Cybersecurity

DetectionLab

Automate the creation of a lab environment complete with security tooling and logging best practices

DevOpsMC

DevOps Master Class Public Repo

DevToys

A Swiss Army knife for developers.

EVTX-ATTACK-SAMPLES

Windows Events Attack Samples

logging-essentials

A Windows event logging and collection baseline focused on finding balance between forensic value and optimising retention.

MemLabs

Educational, CTF-styled labs for individuals interested in Memory Forensics

MSTIC-Sysmon

Anything Sysmon related from the MSTIC R&D team

NHSuite

NHSuite allows users to efficiently manage their QRadar Network Hierarchy. Utilizing the provided QRadar API, users can seamlessly export, import, and fetch domain information in a CSV format.

open-xp-rules

Открытый репозиторий с правилами на языке eXtraction and Processing (XP)

OSCP-Buffer-Overflow

OSCP Buffer Overflow cheat sheet

OSCP-Exam-Report-Template-Markdown

:orange_book: Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report

osquery-configuration

A repository for using osquery for incident detection and response

pakiti-server

Pakiti provides a monitoring mechanism to check the patching status of Linux systems.

qpylib

Python utility functions for QRadar

qradar-sample-apps

QRadar Sample Apps for use with V2 of the QRadar App Framework

qradar4py

QRadar API Client written in Python

qradar_thehive

Seamless integration with Qradar and TheHive

Russian-Phd-LaTeX-Dissertation-GMukhamedzyanov

LaTeX-template for russian Phd thesis

SysmonSimulator

Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detections and correlation rules by Blue teams.

tr-05-serverless-ibm-qradar

Volatility-MM-CS

Volatility MindMap & Cheat Sheet

vscode-xp-workspace

Автоматизированное рабочее пространство для использования расширения VSCode XP

vscode-xp-workspace-arm64

Dockerfile for XP web workspace for MacOS ARM devices