Skip to content
/ threathunting Public

Assorted, MIT licensed, threat hunting rules from @bradleyjkemp

License

MIT license
12 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

bradleyjkemp/threathunting

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
.github/workflows
.github/workflows
 
 
macos
macos
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

Assorted, MIT licensed, threat hunting rules from @bradleyjkemp

Contents

  • apfell/: Sigma rules for detecting the https://github.com/its-a-feature/Mythic MacOS implant:
    • Temporary keychain file created on Apfell agent launch as part of its session key generation implementation
    • IOCs for a couple of the agent functions built-in to the standard Apfell payload

About

Assorted, MIT licensed, threat hunting rules from @bradleyjkemp

Resources

Readme

License

MIT license
Activity

Stars

12 stars

Watchers

3 watching

Forks

1 fork
Report repository

Releases

No releases published

Sponsor this project

 
Learn more about GitHub Sponsors

Packages

No packages published

Contributors 2

  •  
  •