This repository provides a comprehensive Digital Footprint Checklist to help individuals manage their online presence and enhance privacy and security

Group IB Threat Intelligence - MISP integration.

Azure and AWS Attacks

Advanced Threat Hunting: Ransomware Group

A central hub for artifacts, agendas, and resources related to the "Azure DevOps Zero to Hero" series on Tech Tutorials with Piyush YouTube channel. Access code snippets, agendas, notes, graphics, …

A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners

A demo repository, showing how one could validate detections against an ADX emulator to catch KQL runtime errors.

A large collection of system log datasets for AI-driven log analytics [ISSRE'23]

Enable the automatic deployment of Azure Sentinel using code

This repository contains a comprehensive testing designed for evaluating the performance and resilience of Endpoint Detection and Response (EDR) systems

This Repository consists all Public Cheatsheets created by BlackPerl DFIR Content Team

Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations

Cowrie SSH/Telnet Honeypot https://docs.cowrie.org/

A comprehensive knowledge base for security professionals to keep track of and build defenses against API attack techniques.

SOCFortress CoPilot

Ian Hanley's deceptively simple KQL queries.

KQL Queries. Microsoft Defender, Microsoft Sentinel

Reports from various areas of information security

Conference presentation slides

This is a simulation of attack by the Cozy Bear group (APT-29) targeting diplomatic missions

This is a simulation of attack by Fancy Bear group (APT28) targeting high-ranking government officials Western Asia and Eastern Europe

Community project to classify, identify and protect your privileges based on Enterprise Access Model (EAM)