AtlasInsideCorp / UTMStackCorrelationRules
☆17Updated this week
Related projects: ⓘ
- A Ruleset to enhance detection capabilities of Ossec using Sysmon☆83Updated 2 years ago
- Docker image for Velocidex Velociraptor☆112Updated 2 months ago
- A production ready Dockered MISP☆138Updated this week
- SIEGMA - Transform Sigma rules into SIEM consumables☆139Updated last year
- Docker image for MISP☆109Updated last week
- OpenCTI Docker deployment helpers☆153Updated this week
- This project is a SIEM with SIRP and Threat Intel, all in one.☆404Updated 8 months ago
- Set of SIGMA rules (>320) mapped to MITRE ATT&CK tactic and techniques☆300Updated 3 months ago
- Rules generated from our investigations.☆186Updated last month
- Docker configurations for TheHive, Cortex and 3rd party tools☆110Updated last year
- Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-Cradle…☆287Updated 2 years ago
- Run Velociraptor on Security Onion☆34Updated 2 years ago
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆658Updated last month
- A curated list of awesome things related to TheHive & Cortex☆170Updated 2 years ago
- Wazuh integration TheHive☆30Updated last year
- Security Onion + Automation + Response Lab including n8n and Velociraptor☆104Updated 2 years ago
- MISP Docker (XME edition)☆283Updated 9 months ago
- Anything Sysmon related from the MSTIC R&D team☆143Updated 3 months ago
- Rapidly Search and Hunt through Linux Forensics Artifacts☆174Updated 8 months ago
- Playbooks for SOC Analysts☆119Updated last year
- Suricata rules for network anomaly detection☆152Updated 3 weeks ago
- Build a attack range in your local machine☆130Updated last year
- CSI SIEM☆100Updated last year
- ☆32Updated last year
- Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.☆497Updated 2 weeks ago
- Repo Filled With Follow Along Guides☆68Updated 2 years ago
- Blue Team detection lab created with Terraform and Ansible in Azure.☆137Updated last year
- Sigma rules from Joe Security☆199Updated last month
- A Linux Auditd rule set mapped to MITRE's Attack Framework☆87Updated 11 months ago