APTnotes
awesome-incident-response
Our great sponsors
APTnotes | awesome-incident-response | |
---|---|---|
5 | 4 | |
3,406 | 7,114 | |
- | - | |
3.1 | 5.6 | |
4 months ago | 26 days ago | |
- | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
APTnotes
-
Ask HN: What Happened with the Grugq Article?
>with case studies and getting as niche on specific things as possible.
Then definitely you can touch on APT marketplace, unlike the usual zeroday ones, those are -as the name implies, advanced, and mostly are state sponsored, you can find some of these in this sheet [1], or other sources [2] or older ones [3]. Now, for other zero day exploits, you can dig into your typical threat intelligence feeds to have an idea, some of these are daily updated [4] [5] [6] among a lot more of other resources, there are also underground databases for zero day and even APT updated as of yesterday, and also online marketplaces for those where you can buy/sell compromised RDP servers / webmail / cPanels / etc., or even services like smtp-sms for phishing among others, unfortunately, I can’t and won’t list any of these in here for obvious reasons, however, if you dig a little deeper definitely you will find something, just don’t use the usual search engines and normal channels, and get the usual security precautions like sandbox/vpns/etc. when access any of these sites, preferably in an isolated OS too.
And thanks, not expert enough for sure!
[1] https://docs.google.com/spreadsheets/u/1/d/1H9_xaxQHpWaa4O_S...
[2] https://gist.github.com/Neo23x0/c4f40629342769ad0a8f3980942e...
[3] https://github.com/kbandla/APTnotes
[4] https://bazaar.abuse.ch/browse/
[5] https://www.exploitalert.com/browse-exploit.html
[6] https://threatfox.abuse.ch/browse/
-
Seeking Datasets on Malware
I trained up this repo in my privateGPT - https://github.com/kbandla/APTnotes
- Le Burkina Faso
-
Cybersecurity Repositories
APT Notes
- Les ressortissants russes en France reçoivent en ce moment sur leurs numéros de téléphone russe des demandes pour l'enrôlement dans l'armée en vue de la guerre avec l'Ukraine
awesome-incident-response
-
Cybersecurity Repositories
Incident Response
- Questions about getting into DF
-
I started a new role as a Incident Response Analyst and wanted to get some advice.
Here is a good github page that discusses tons of IR stuff. https://github.com/meirwah/awesome-incident-response
-
Has this sub done any curated reasearch collection sharing?
GitHub sounds totally viable. You might consider styling it after something like Awesome Lists. (Ex: Awesome Incident Response). But yes, totally viable.
What are some alternatives?
data - APTnotes data
Kuiper - Digital Forensics Investigation Platform
ThreatHunter-Playbook - A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
cyberchef-recipes - A list of cyber-chef recipes and curated links
osx-and-ios-security-awesome - OSX and iOS related security tools
dfir-orc - Forensics artefact collection tool for systems running Microsoft Windows
awesome-forensics - A curated list of awesome forensic analysis tools and resources
DevSecOps - Ultimate DevSecOps library
awesome-iocs - A collection of sources of indicators of compromise.
DFIRMindMaps - A repository of DFIR-related Mind Maps geared towards the visual learners!
awesome-adversarial-machine-learning - A curated list of awesome adversarial machine learning resources
awesome-sre - A curated list of Site Reliability and Production Engineering resources.