3CORESec / Automata
Automatic detection engineering technical state compliance
☆49Updated 2 months ago
Related projects: ⓘ
- Automated detection rule analysis utility☆29Updated last year
- ☆40Updated 5 months ago
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆72Updated 2 years ago
- Library of threat hunts to get any user started!☆40Updated 4 years ago
- Send High & New Incidents to The Hive incident management Platform☆17Updated 3 years ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆74Updated 2 years ago
- Simple PowerShell script to enable process scanning with Yara.☆86Updated last year
- ☆20Updated this week
- A repository of Sysmon For Linux configuration modules☆14Updated 2 years ago
- Microsoft GPO Readiness Lateral Movement Detection Tool☆15Updated last year
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.☆29Updated 2 months ago
- Supporting material for my presentation "Adversarial Threat Modelling — A Practical Approach to Purple Teaming in the Enterprise"☆50Updated 2 years ago
- ☆25Updated 3 years ago
- ☆37Updated 2 years ago
- MasterParser is a simple, all-in-one, digital forensics artifact parser☆23Updated 3 years ago
- Machine Interrogation To Identify Gaps & Techniques for Execution☆32Updated 2 years ago
- See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)☆102Updated last year
- Attack Tool Timing and Reporting - Structured Attack Logging Format☆21Updated last year
- A list of Mitre Caldera compatible emulation-plans☆14Updated 3 years ago
- Splunk Technology-AddOn for Aurora Sigma-Based EDR Agent. It helps parse and configure the necessary inputs to neatly consume Aurora EDR …☆13Updated last year
- Yara Based Detection Engine for web browsers☆47Updated 3 years ago
- simple webapp for converting sigma rules into siem queries using the pySigma library☆47Updated last year
- A simple command line program to help defender test their detections for network beacon patterns and domain fronting☆65Updated 2 years ago
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.☆21Updated last year
- A YARA Rule Performance Measurement Tool☆58Updated 6 months ago
- Windows Security Logging☆43Updated 2 years ago
- A MITRE ATT&CK Lookup Tool☆41Updated 4 months ago
- A collection of Sigma rules organized by MITRE ATT&CK technique☆15Updated 3 years ago
- ☆27Updated this week
- A happy place for detection engineers, purple teamers and threat hunters focusing on macOS.☆20Updated 2 years ago