Tiago Sequeira (tiagosequeira)

Location:Lisbon

Twitter:@_x13

Tiago Sequeira's starred repositories

APTnotes

Various public documents, whitepapers and articles about APT campaigns

APT_REPORT

Interesting APT Report Collection And Some Special IOC

msticpy

Microsoft Threat Intelligence Security Tools

Language: Python | License: NOASSERTION | Stargazers: 1772 | Issues: 54 | Issues: 191

EDR-Telemetry

This project aims to compare and evaluate the telemetry of various EDR products.

APT-Hunter

APT-Hunter is a threat hunting tool for Windows event logs, built with a purple-team mindset to detect APT movements hidden in the sea of Windows event logs and decrease the time needed to uncover suspicious activity.

Language: Python | License: GPL-3.0 | Stargazers: 1255 | Issues: 47 | Issues: 25

Ransomware-Tool-Matrix

A resource containing all the tools each ransomware gang uses

yara-x

A rewrite of YARA in Rust.

Language: Rust | License: BSD-3-Clause | Stargazers: 656 | Issues: 18 | Issues: 90

stride-gpt

An AI-powered threat modeling tool that leverages OpenAI's GPT models to generate threat models for a given application based on the STRIDE methodology.

Language: Python | License: MIT | Stargazers: 479 | Issues: 19 | Issues: 24

vulnrichment

A repo to conduct vulnerability enrichment.

tram

TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE ATT&CK®.

Language: Jupyter Notebook | License: Apache-2.0 | Stargazers: 451 | Issues: 77 | Issues: 110

galah

Galah: An LLM-powered web honeypot.

Language: Go | License: Apache-2.0 | Stargazers: 410 | Issues: 9 | Issues: 12

APT-Attack-Simulation

This repository is a compilation of APT simulations that target many vital sectors, both private and governmental. The simulations include written tools, C2 servers, backdoors, exploitation techniques, stagers, bootloaders, and many other tools that attackers might have used in actual attacks. These tools and TTPs are simulated here.

Language: Python | Stargazers: 372 | Issues: 7 | Issues: 0

awesome_threat_intel_blogs

A curated list of Awesome Threat Intelligence Blogs

License: NOASSERTION | Stargazers: 330 | Issues: 17 | Issues: 0

cti-blueprints

CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable reports more consistently and efficiently.

Language: TypeScript | License: Apache-2.0 | Stargazers: 202 | Issues: 63 | Issues: 2

CTI-Analyst-Challenge

An analytical challenge created to test junior analysts looking to try performing proactive and reactive cyber threat intelligence.

misp-playbooks

MISP Playbooks

Language: Jupyter Notebook | License: BSD-2-Clause | Stargazers: 174 | Issues: 10 | Issues: 54

DocIntel

Open Source Platform for storing, organizing, and searching documents related to cyber threats

Language: JavaScript | License: NOASSERTION | Stargazers: 157 | Issues: 5 | Issues: 100

Sigma-Rules

A repository of my own Sigma detection rules.

diana

Save toil in security operations with Detection & Intelligence Analysis for New Alerts (D.I.A.N.A.)

Language: Python | License: MIT | Stargazers: 152 | Issues: 4 | Issues: 4

insider-threat-ttp-kb

The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders in the IT environment. It will establish an Insider Threat TTP Knowledge Base, built upon data collected on insider threat incidents and on lessons learned and experience from the ATT&CK knowledge base.

Language: Python | License: Apache-2.0 | Stargazers: 137 | Issues: 79 | Issues: 2

n6

Automated handling of data feeds for security teams

Language: Python | License: AGPL-3.0 | Stargazers: 123 | Issues: 23 | Issues: 4

VeilTransfer

VeilTransfer is a data exfiltration utility designed to test and enhance detection capabilities. This tool simulates real-world data exfiltration techniques used by advanced threat actors, allowing organizations to evaluate and improve their security posture.

Language: Go | License: GPL-3.0 | Stargazers: 103 | Issues: 2 | Issues: 0

notes

Full of public notes and utilities

Language: HTML | Stargazers: 82 | Issues: 7 | Issues: 0

cyber-threat-profiling

A library of reference materials, tools, and other resources to aid threat profiling, threat quantification, and cyber adversary defense

misp2sentinel

MISP to Sentinel integration

Language: Python | License: MIT | Stargazers: 58 | Issues: 5 | Issues: 80

pyHIDS

A HIDS (host-based intrusion detection system) for verifying the integrity of a system.

Language: Python | License: GPL-3.0 | Stargazers: 57 | Issues: 5 | Issues: 4

cti-llm

An LLM for CTI reports, to be presented at FIRST Fukuoka 2024

Language: Jupyter Notebook | Stargazers: 11 | Issues: 5 | Issues: 18