sentinel-attack
Threat hunter
A tool to help rapidly deploy and utilize threat hunting capabilities on Azure Sentinel
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
1k stars
72 watching
207 forks
Language: HCL
last commit: about 1 year ago
Linked from 1 awesome list
Topics: azure, azure-sentinel, blue-team, cybersecurity, detection, kql, logging, mitre-attack, security-tools, siem, sysmon, sysmon-config, terraform-azure, threat-hunting, workbooks
Related projects:
| Repository | Description | Stars |
|---|---|---|
| a3sal0n/cyberthreathunting | A collection of tools and resources for threat hunters to identify and respond to cyber threats. | 856 |
| miladaslaner/threathunt | A PowerShell repository to simulate and train threat hunting skills without malicious files. | 134 |
| ninoseki/mihari | An aggregator tool for querying multiple services to gather threat intelligence data. | 863 |
| matamorphosis/scrummage | A platform for searching and analyzing publicly available online data to detect potential security threats. | 512 |
| aboutsecurity/rastrea2r | A tool for hunting and tracking Internet of Things (IoT) security threats by collecting and analyzing indicators of compromise (IOCs). | 116 |
| sbousseaden/slides | Collection of resources and concepts for threat hunting and detection engineering. | 372 |
| sapphirex00/threat-hunting | A collection of threat intelligence resources and tools for analyzing APT malware. | 255 |
| gossithedog/threathunting | Tools and rules for detecting malicious domain calls in endpoint malware. | 568 |
| mandiant/mandiant-azure-ad-investigator | A PowerShell module designed to detect potential security threats in Azure AD environments. | 615 |
| thalesgroup-cert/watcher | Automated platform for discovering and analyzing cybersecurity threats targeting an organization. | 862 |
| otrf/threathunter-playbook | A community-driven project providing shared detection logic and resources for threat hunting. | 4,030 |
| threathuntingproject/threathunting | An informational repository providing resources and knowledge for detecting adversaries in IT environments. | 1,721 |
| rabbitstack/fibratus | An advanced security platform for real-time adversary tradecraft detection and analysis. | 2,217 |
| olafhartong/threathunting | A Splunk application designed to guide threat hunts by mapping investigations to the MITRE ATT&CK framework. | 1,139 |
| infocyte/pshunt | A PowerShell threat hunting module designed to scan and survey remote endpoints for indicators of compromise or comprehensive system information. | 279 |