OpenSOC.io - Helpful Links

SANS

Collection of all SANS posters (CTRL-F-able)

Greylog

Greylog Documentation

OS Query

Example Queries

(Awesome listing of queries mapped to the MITRE AT&TCK framework)[https://github.com/teoseller/osquery-attck]

Threat Hunting w/ OS Query

Using OSQuery for Remote Forensics

Introduction to osquery for Threat Detection and DFIR

ReconHunt - OSQuery Examples & Hunts