DeepBlueCLI
A PowerShell module for threat hunting via Windows Event Logs
The DFIR Report provides in-depth threat intelligence reports and services, including detection rules, mentoring and coaching programs, and case artifacts. The platform offers insights into real-world intrusions, malware analysis, and threat briefs, helping cybersecurity professionals stay up-to-date with the latest threats and tactics. The reports cover various topics, such as ransomware, phishing campaigns, and exploit analysis, with detailed key takeaways and technical analysis. The website also offers a range of services, including threat feeds, DFIR labs, and merchandise, making it a comprehensive resource for cybersecurity professionals.
A platform providing an activity feed on exploited vulnerabilities.
A Linux distribution designed for threat emulation and threat hunting, integrating attacker and defender tools for identifying threats in your environment.
A platform for accessing threat intelligence and collaborating on cyber threats.
TIH is an intelligence tool that helps you search for IOCs across multiple security feeds and APIs.
A set of configuration files to use with EclecticIQ's OpenTAXII implementation for MISP integration.