13ihsan92 / Security-Blue-Team
This repository describes the details of the SIEM (Wazuh) mini project, covering all aspects of topology design, deployment, rules, integration, and fine-tuning.
☆23 · Updated 2 years ago
Alternatives and similar repositories for Security-Blue-Team:
Users interested in Security-Blue-Team are comparing it to the repositories listed below.
- Integrate your Wazuh-Manager or Graylog with the SOCFortress Threat Intel Service ☆29 · Updated 6 months ago
- A collection of awesome software, libraries, learning tutorials, documents and books, technical resources and cool stuff about Blue Team … ☆40 · Updated 2 years ago
- A SOC Analyst's tool to automate the investigation & validation of possible Indicators of Compromise (IOCs) and perform various tasks inc… ☆22 · Updated 2 years ago
- Cyber Security Awareness Framework (CSAF) ☆94 · Updated 3 weeks ago
- In this project are custom decoders and custom rules for Wazuh by me. Feel free to use it; you can redistribute it and/or modify it unde… ☆25 · Updated last week
- A curated, categorised collection of useful projects 👨👩👧 ☆107 · Updated last month
- 🧰 Various PowerShell scripts for security, sysadmins, blue and red teams 👫🏼 ☆23 · Updated last month
- A powerful home lab focused on setting up Splunk SIEM and real-world use cases. If you're interested in becoming a SOC Analyst (Tier 1/2), th… ☆50 · Updated last year
- PowerShell script to query IBM QRadar SIEM and to generate KPIs ☆9 · Updated last year
- HookPhish is a Python script designed to aid in the detection of phishing websites ☆35 · Updated last year
- Splunk add-on related to the PurpleLab tool ☆38 · Updated 11 months ago
- Digital Forensic Analysis and Incident Response Playbooks to handle real-world security incidents ☆40 · Updated 11 months ago
- Wazuh integration with TheHive ☆35 · Updated 2 years ago
- Advanced Threat Hunting: Ransomware Group ☆20 · Updated 3 months ago
- This script enhances endpoint logging telemetry for the purpose of advanced malware threat detection or for building detections or malwar… ☆28 · Updated last month
- Repo filled with follow-along guides ☆74 · Updated 2 years ago
- Create a SOC lab with SIEM, AD, Workstation, Firewall, Sysmon, IPS, step by step ☆30 · Updated 2 years ago
- Bash script to extract GNU/Linux forensic artifacts for digital forensic analysis and incident response ☆43 · Updated last year
- Security scripts and sources for daily usage ☆56 · Updated 2 weeks ago
- 🤖 Bot to post the latest cyber security news to a Microsoft Teams channel 🏴☠️ ☆41 · Updated this week
- Useful scripts for those administering Wazuh ☆81 · Updated 2 months ago
- Suricata rules that can detect a wide range of threats, including malware, exploits, and other malicious activity, especially web applicat… ☆43 · Updated last year
- Research repository tracking affected IPs from the Fortigate CVE-2022-40684 configuration leak by Belsen Group ☆87 · Updated 2 months ago
- Import CrowdStrike Threat Intelligence into your instance of MISP ☆44 · Updated 3 weeks ago