Open Threat Research Forge (@OTRF)

Top repositories

1. ThreatHunter-Playbook (Python, 3,964 stars): A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
2. Security-Datasets (PowerShell, 1,582 stars): Re-play Security Events
3. OSSEM (Python, 1,232 stars): Open Source Security Events Metadata (OSSEM)
4. ATTACK-Python-Client (Python, 554 stars): Python Script to access ATT&CK content available in STIX via a public TAXII server
5. Microsoft-Sentinel2Go (PowerShell, 540 stars): Microsoft Sentinel2Go is an open source project developed to expedite the deployment of a Microsoft Sentinel research lab.
6. Blacksmith (PowerShell, 317 stars): Building environments to replicate small networks and deploy applications
7. OSSEM-DM (Python, 164 stars): OSSEM Detection Model
8. detection-hackathon-apt29 (Jupyter Notebook, 130 stars): Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets
9. SimuLand (Shell, 127 stars): Cloud Templates and scripts to deploy mordor environments
10. infosec-jupyter-book (Dockerfile, 107 stars): The Infosec Community Definitive Guide to Jupyter Notebooks
11. infosec-jupyterthon (Jupyter Notebook, 105 stars): A community event for security researchers to share their favorite notebooks
12. GenAI-Security-Adventures (Jupyter Notebook, 93 stars)
13. Set-AuditRule (PowerShell, 86 stars): Useful access control entries (ACE) on system access control list (SACL) of securable objects to find potential adversarial activity
14. notebooks-forge (Jupyter Notebook, 76 stars): A collection of notebooks built for defensive and offensive operations.
15. API-To-Event (74 stars): A repo to document API functions mapped to security events across diverse platforms
16. OSSEM-DD (Python, 56 stars): OSSEM Data Dictionaries
17. OSSEM-CDM (54 stars): OSSEM Common Data Model
18. bloodhound-notebook (Python, 53 stars): BloodHound Cypher Queries Ported to a Jupyter Notebook
19. openhunt (Python, 33 stars)
20. bloodhound-notebooks (Jupyter Notebook, 27 stars): Notebooks created to attack and secure Active Directory environments
21. SANS-BlueTeamSummit-2022 (Jupyter Notebook, 23 stars): Repo to track SANS BlueTeam Summit Presentation
22. 2021-OceanLotus-workshop (HCL, 18 stars)
23. BHEU22-ADFS (12 stars): Writing Your Own Ticket to the Cloud Like APT: A Deep-dive to AD FS Attacks, Detections, and Mitigations
24. MEAN (Jupyter Notebook, 8 stars): Microsoft Entra ID Administration LLM-based Autonomous Agent
25. docker-c2 (5 stars): Docker files used to deploy known Command & Control (C2) Frameworks
26. workshop-ekoparty-bluespace-2020 (Dockerfile, 3 stars): Materials to teach the basics of Jupyter Notebooks and data analysis with Pandas
27. OpenSec-Library (2 stars)
28. Blog-Website (2 stars): Official OTR Blog Website
29. Infosec-DMZ (1 star)
30. OSSEM-DD-MASK (1 star): An extension of the OSSEM-DD repository.
31. Community-Presentations (1 star): Slides