jstnk9's repositories
TIBER-Cases
TIBER-Cases is a project created to provide cases for The Hive platform, aimed mainly at Threat Intelligence Analysts. All the cases are mapped to TIBER-EU processes.
ETW-Almulahaza
ETW-Almulahaza is a consumer Python-based tool that helps you monitor ETW events of the operating system.
ac3-threat-sightings-fork
A threat sighting collects the behavior of a real threat and the observables used during its engagement.
EnableWindowsLogSettings
Documentation and scripts to properly enable Windows event logs.
LOLBAS
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
misp-galaxy
Clusters and elements to attach to MISP events or attributes (like threat actors)
Mnemo-Reports
Reports generated by the Mnemo Cyber Threat Intelligence team.
pywintrace
ETW Python Library
sigma
Generic Signature Format for SIEM Systems
vt-public-crowdsourced-yara
Share your YARA rules with VirusTotal.