Algbra-Labs-OSS / Chronicle
☆66 · Updated 6 months ago
Related projects
Alternatives and complementary repositories for Chronicle
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o… ☆84 · Updated 10 months ago
- Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as we… ☆51 · Updated last year
- ☆17 · Updated 3 years ago
- Convert cloudtrail data to MITRE ATT&CK Sightings ☆79 · Updated 2 years ago
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering. ☆62 · Updated 6 months ago
- pocket guide for core detection engineering concepts ☆27 · Updated last year
- Anvilogic Forge ☆86 · Updated last week
- ☆33 · Updated last week
- ☆37 · Updated 2 months ago
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l… ☆145 · Updated last week
- An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur… ☆115 · Updated last month
- This directory features proven systems that demonstrate value to your threat-informed efforts using metrics. ☆97 · Updated 8 months ago
- A POC to implement Detection-as-Code with Terraform and Sumo Logic. ☆25 · Updated last year
- ☆87 · Updated 2 years ago
- Audit log wall of shame. ☆41 · Updated last month
- Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK… ☆161 · Updated last month
- A tool that allows you to document and assess any security automation in your SOC ☆41 · Updated 3 weeks ago
- Public release of Whalehoney Honeypot ☆29 · Updated 2 years ago
- Enriching the NVD CVSS scores to include Temporal & Threat Metrics ☆61 · Updated this week
- Recon Hunt Queries ☆75 · Updated 3 years ago
- ForgeArmory provides TTPs that can be used with the TTPForge (https://github.com/facebookincubator/ttpforge). ☆93 · Updated 2 months ago
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research… ☆26 · Updated last month
- This repository hosts community contributed Kestrel huntflows (.hf) and huntbooks (.ipynb) ☆31 · Updated 10 months ago
- Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A.) ☆155 · Updated 2 months ago
- ☆133 · Updated last year
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique ☆65 · Updated 8 months ago
- Independently deploy customized honeyservices in AWS to trigger alerts on unauthorized access. It utilizes a dedicated CloudTrail for pre… ☆44 · Updated this week
- ATT&CK Sync is a Center for Threat-Informed Defense project that aims to improve the ability for organizations to consume MITRE ATT&CK® v… ☆16 · Updated 2 weeks ago
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation ☆75 · Updated 6 months ago
- Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac… ☆85 · Updated last year