Semanur Güneysu's repositories
APT06202001
Applied Purple Teaming - (ITOCI4hr) - Infrastructure, Threat Optics, and Continuous Improvement - June 6, 2020
at-ps
Adversary Tactics - PowerShell Training
awesome-cybersecurity-blueteam
💻🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.
awesome-forensics
A curated list of awesome forensic analysis tools and resources
awesome-incident-response
A curated list of tools for incident response
awesome-malware-analysis
A curated list of awesome malware analysis tools and resources.
awesome-mitre-attack
A curated list of awesome resources related to Mitre ATT&CK™ Framework
awesome-threat-detection
A curated list of awesome threat detection and hunting resources
awesome-yara
A curated list of awesome YARA rules, tools, and people.
AWSGoat
AWSGoat: A Damn Vulnerable AWS Infrastructure
blueteam_homelabs
Great List of Resources to Build an Enterprise Grade Home Lab
breaking-and-pwning-apps-and-servers-aws-azure-training
Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!
detection-hackathon-apt29
Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets
LinuxForensics
Everything related to Linux Forensics
Malware
Course materials for Malware Analysis by RPISEC
my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
osquery_queries
Cisco Orbital - Osquery queries by Talos
presentations
My presentations
sigma
Generic Signature Format for SIEM Systems
spl-to-kql
The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially given projects requiring both technologies (Splunk and Azure/Sentinel) or any other hybrid environments. Feel free to add/suggest entries.
sysmon-cheatsheet
All sysmon event types and their fields explained
Use_Case_Applicability
Security Monitoring Resolution Categories
Windows-API-To-Sysmon-Events
A repository that maps API calls to Sysmon Event IDs.