Skip to content

@OTRF Open Threat Research Forge

Change the repository type filter

All

    Repositories list

    30 repositories

    • Blacksmith

      Public
      Building environments to replicate small networks and deploy applications
      PowerShell
      GNU General Public License v3.0
      7232520Updated Jan 22, 2025Jan 22, 2025

    • OSSEM-DD

      Public
      OSSEM Data Dictionaries
      Python
      MIT License
      2062100Updated Jan 22, 2025Jan 22, 2025

    • Microsoft-Sentinel2Go

      Public
      Microsoft Sentinel2Go is an open source project developed to expedite the deployment of a Microsoft Sentinel research lab.
      PowerShell
      GNU General Public License v3.0
      14857420Updated Jan 22, 2025Jan 22, 2025

    • ATTACK-Python-Client

      Public
      Python Script to access ATT&CK content available in STIX via a public TAXII server
      Python
      BSD 3-Clause "New" or "Revised" License
      11756630Updated Dec 21, 2024Dec 21, 2024

    • GenAI-Security-Adventures

      Public
      Jupyter Notebook
      MIT License
      1610611Updated Jun 2, 2024Jun 2, 2024

    • MEAN

      Public
      Microsoft Entra ID Administration LLM-based Autonomous Agent
      Jupyter Notebook
      MIT License
      2800Updated Apr 30, 2024Apr 30, 2024

    • Security-Datasets

      Public
      Re-play Security Events
      PowerShell
      MIT License
      2471.7k73Updated Mar 20, 2024Mar 20, 2024

    • infosec-jupyterthon

      Public template
      A community event for security researchers to share their favorite notebooks
      Jupyter Notebook
      GNU General Public License v3.0
      2510801Updated Feb 15, 2024Feb 15, 2024

    • ThreatHunter-Playbook

      Public
      A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
      dfirsysmonthreat-huntinghuntinghuntermitrehypothesishunting-campaignsmitre-attack-db
      Python
      MIT License
      8424.3k63Updated Feb 15, 2024Feb 15, 2024

    • Blog-Website

      Public
      Official OTR Blog Website
      5210Updated Nov 4, 2023Nov 4, 2023

    • OSSEM

      Public
      Open Source Security Events Metadata (OSSEM)
      Python
      MIT License
      2151.3k143Updated Feb 27, 2023Feb 27, 2023

    • BHEU22-ADFS

      Public
      Writing Your Own Ticket to the Cloud Like APT: A Deep-dive to AD FS Attacks, Detections, and Mitigations
      MIT License
      41200Updated Dec 9, 2022Dec 9, 2022

    • OSSEM-DM

      Public
      OSSEM Detection Model
      Python
      MIT License
      43177111Updated Oct 11, 2022Oct 11, 2022

    • SANS-BlueTeamSummit-2022

      Public
      Repo to track SANS BlueTeam Summit Presentation
      Jupyter Notebook
      62300Updated Oct 4, 2022Oct 4, 2022

    • OSSEM-CDM

      Public
      OSSEM Common Data Model
      MIT License
      1556161Updated Sep 20, 2022Sep 20, 2022

    • Set-AuditRule

      Public
      Useful access control entries (ACE) on system access control list (SACL) of securable objects to find potential adversarial activity
      PowerShell
      GNU General Public License v3.0
      239410Updated Feb 2, 2022Feb 2, 2022

    • sigma

      Public
      Generic Signature Format for SIEM Systems
      Python
      2.4k1400Updated Oct 27, 2021Oct 27, 2021

    • 2021-OceanLotus-workshop

      Public
      HCL
      MIT License
      418260Updated Aug 4, 2021Aug 4, 2021

    • openhunt

      Public
      Python
      83530Updated Jun 22, 2021Jun 22, 2021

    • OSSEM-DD-MASK

      Public
      An extension of the OSSEM-DD repository.
      GNU General Public License v3.0
      1100Updated May 11, 2021May 11, 2021

    • SimuLand

      Public
      Cloud Templates and scripts to deploy mordor environments
      Shell
      GNU General Public License v3.0
      2112910Updated Mar 3, 2021Mar 3, 2021

    • infosec-jupyter-book

      Public
      The Infosec Community Definitive Guide to Jupyter Notebooks
      Dockerfile
      GNU General Public License v3.0
      3012420Updated Oct 17, 2020Oct 17, 2020

    • notebooks-forge

      Public
      A collection of notebooks built for defensive and offensive operations.
      Jupyter Notebook
      GNU General Public License v3.0
      257720Updated Oct 13, 2020Oct 13, 2020

    • detection-hackathon-apt29

      Public
      Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets
      Jupyter Notebook
      GNU General Public License v3.0
      41139490Updated Oct 12, 2020Oct 12, 2020

    • workshop-ekoparty-bluespace-2020

      Public
      Materiales para enseñar lo básico de Jupyter Notebooks y análisis de data con Pandas
      Dockerfile
      1300Updated Sep 29, 2020Sep 29, 2020

    • Community-Presentations

      Public
      Slides
      1100Updated Sep 29, 2020Sep 29, 2020

    • bloodhound-notebook

      Public
      BloodHound Cypher Queries Ported to a Jupyter Notebook
      Python
      GNU General Public License v3.0
      85300Updated Jun 20, 2020Jun 20, 2020

    • OSL

      Public
      A refreshed version of Hyde for Jekyll 3.x and 4.x
      CSS
      Other
      770100Updated May 27, 2020May 27, 2020

    • bloodhound-notebooks

      Public
      Notebooks created to attack and secure Active Directory environments
      Jupyter Notebook
      GNU General Public License v3.0
      92700Updated Nov 18, 2019Nov 18, 2019

    • API-To-Event

      Public
      A repo to document API functions mapped to security events across diverse platforms
      GNU General Public License v3.0
      187500Updated Nov 1, 2019Nov 1, 2019