Blue Team Resources

Mozilla Firefox Browser Forensics

Blue Teaming Training 2020

Integrating Adversary Emulation using Infection Monkey with Azure Sentinel

Incident Response Plan Builder

Reverse Engineering 101

How To Measure SOC Quality

MITRE D3FEND Resources

https://techcommunity.microsoft.com/t5/azure-sentinel/hunting-for-omi-vulnerability-exploitation-with-azure-sentinel/ba-p/2764093

https://www.kitploit.com/2021/10/linuxcatscale-incident-response.html?m=1

IR Playbooks / IR Resources:

https://www.gov.scot/publications/cyber-resilience-incident-management/

https://github.com/certsocietegenerale/IRM/tree/master/EN

https://www.dfir.training/index.php?option=com_jreviews&format=ajax&url=media/download&m=14tt1&1600804844570

https://gitlab.com/syntax-ir/playbooks/-/tree/main/

https://atc-project.github.io/atc-react/

https://docs.microsoft.com/en-us/security/compass/incident-response-playbooks

https://github.com/austinsonger/Incident-Playbook

Threat Hunting

https://imphash.medium.com/detecting-lateral-movement-101-part-2-hunting-for-malcode-execution-via-wmi-using-windows-event-f9a5410649c

https://sansorg.egnyte.com/dl/ZkAyckjFTI

https://www.threathunting.se/tag/windows-process/