Grabs the latest URLHaus list
Updated May 12, 2023 - PowerShell
Grabs the latest Openphish URL list
PowerShell module for creating and managing Sysinternals Sysmon config files.
Generates threat feed IP list from the AbuseIPDB API
PowerShell collection designed to assist in threat hunting on Windows systems.
Triage an IP using PowerShell
CyberThreat Monitor (SIEM Lab) with Microsoft Azure is a comprehensive threat monitoring solution built on Azure Sentinel, providing real-time visibility into global cyber threats.
Using PowerShell to determine if a URL is malicious, as well as grabbing other info
PowerShell-based script to verify malware indicators of compromise (IOC hashes, domains, IPs) against databases such as VirusTotal and Kaspersky
Deobfuscates PowerShell format strings
PowerShell module wrapper for the Collective Intelligence Framework (CIF) v3 API
PSEmailRep is a simple PowerShell module to interface with the EmailRep.io API.
PowerShell script to help speed up threat hunting and incident response processes
Repo containing various intel-based resources such as threat research, adversary emulation/simulation plans and so on
Microsoft Sentinel SOC Operations
Awesome Security lists for SOC/CERT/CTI
Advanced Sysmon ATT&CK configuration focusing on detecting the most techniques per data source in MITRE ATT&CK, providing visibility into forensic artifact events for UEBA, detecting exploitation events with wide CVE coverage, and risk scoring of CVE, UEBA, forensic, and MITRE ATT&CK events.