Mostafa A. Mohamed's Projects
Small and highly portable detection tests based on MITRE's ATT&CK.
An awesome list of honeypot resources
Regex
Demisto is now Cortex XSOAR. Automate and orchestrate your Security Operations with Cortex XSOAR's ever-growing Content Repository. Pull Requests are always welcome and highly appreciated!
Fast Incident Response
GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
A concise, directive, specific, flexible, and free incident response plan template
These are the labs for my Intro class. Yes, this is public. Yes, this is intentional.
Incident Response Methodologies 2022
Scripts to push IBM QRadar events to TheHive IRP
Open-source and community extensions for Resilient
Python library modules for Resilient APIs
Python examples using the Resilient REST API and Action Module
Developer documentation for Resilient APIs
Example scripts and rules for use in Resilient playbooks.
work in progress
Synapse: a Meta Alert Feeder for TheHive, a Security Incident Response Platform
Sysmon event simulation utility that simulates attacks to generate Sysmon event logs, so blue teams can test EDR detections and correlation rules.