Open Threat Research Forge

Repositories

• mordor

  Re-play Adversarial Techniques
  Python GPL-3.0 105 758 3 1 Updated Oct 30, 2020

• sigma

  Forked from Neo23x0/sigma

  Generic Signature Format for SIEM Systems
  Python 829 0 0 0 Updated Oct 30, 2020

• Blacksmith

  Building environments to replicate small networks and deploy applications
  PowerShell GPL-3.0 21 103 0 2 Updated Oct 29, 2020

• ThreatHunter-Playbook

  A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.

  dfir sysmon threat-hunting hunting hunter mitre hypothesis
  Python GPL-3.0 532 2,334 2 2 Updated Oct 28, 2020

• OSSEM

  Open Source Security Events Metadata (OSSEM)
  Python 130 692 11 0 Updated Oct 28, 2020

• OSSEM-DM

  OSSEM Detection Model
  Python GPL-3.0 1 6 0 0 Updated Oct 28, 2020

• infosec-jupyter-book

  The Infosec Community Definitive Guide to Jupyter Notebooks
  Dockerfile GPL-3.0 3 19 0 0 Updated Oct 17, 2020

• notebooks-forge

  A collection of notebooks built for defensive and offensive operations.
  Jupyter Notebook GPL-3.0 17 53 2 0 Updated Oct 13, 2020

• detection-hackathon-apt29

  Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets
  Jupyter Notebook GPL-3.0 21 82 48 0 Updated Oct 12, 2020

• Infosec-DMZ
  GPL-3.0 0 0 0 0 Updated Oct 7, 2020

• ATTACK-Python-Client

  Python Script to access ATT&CK content available in STIX via a public TAXII server
  Jupyter Notebook BSD-3-Clause 71 297 3 1 Updated Oct 7, 2020

• Azure-Sentinel2Go

  Azure Sentinel2Go is an open source project developed to expedite the deployment of an Azure Sentinel lab.
  Shell GPL-3.0 22 53 1 0 Updated Oct 6, 2020

• SimuLand

  Cloud Templates and scripts to deploy mordor environments
  Shell GPL-3.0 2 40 2 0 Updated Oct 5, 2020

• workshop-ekoparty-bluespace-2020

  Materiales para enseñar lo básico de Jupyter Notebooks y análisis de data con Pandas
  Dockerfile 0 2 0 0 Updated Sep 29, 2020

• Community-Presentations

  Slides
  0 0 0 0 Updated Sep 29, 2020

• OSSEM-CDM

  OSSEM Common Data Model
  Python GPL-3.0 2 5 1 0 Updated Sep 24, 2020

• docker-c2

  Docker files used to deploy known Command & Control (C2) Frameworks
  GPL-3.0 1 2 0 0 Updated Aug 4, 2020

• Set-AuditRule

  Useful access control entries (ACE) on system access control list (SACL) of securable objects to find potential adversarial activity
  PowerShell GPL-3.0 10 42 0 0 Updated Jul 31, 2020

• bloodhound-notebook

  BloodHound Cypher Queries Ported to a Jupyter Notebook
  Python GPL-3.0 2 38 0 0 Updated Jun 20, 2020

• OSL

  Forked from intelforge/OSL

  A refreshed version of Hyde for Jekyll 3.x and 4.x
  CSS 622 0 0 0 Updated May 27, 2020

• infosec-jupyterthon

  A community event for security researchers to share their favorite notebooks
  Dockerfile GPL-3.0 2 19 0 0 Updated May 8, 2020

• attack-website

  Forked from mitre-attack/attack-website

  MITRE ATT&CK Website
  HTML Apache-2.0 67 6 0 0 Updated Apr 22, 2020

• OpenSec-Library
  GPL-3.0 0 2 0 0 Updated Mar 4, 2020