AttackIQ / pySigma-backend-kustoLinks
☆41Updated 3 weeks ago
Alternatives and similar repositories for pySigma-backend-kusto
Users that are interested in pySigma-backend-kusto are comparing it to the libraries listed below
Sorting:
- Dettectinator - The Python library to your DeTT&CT YAML files.☆115Updated 3 months ago
- ☆101Updated 3 weeks ago
- An opensource sigma conversion tool built using pysigma☆132Updated last month
- A repository to share publicly available Velociraptor detection content☆184Updated last week
- A preconfigured Velociraptor triage collector☆52Updated this week
- Notes on responding to security breaches relating to Azure AD☆114Updated 3 years ago
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…☆47Updated 2 months ago
- MISP to Sentinel integration☆69Updated last week
- A repository of my own Sigma detection rules.☆160Updated 10 months ago
- This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.☆111Updated last year
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation☆77Updated last year
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆85Updated 5 months ago
- Generates a detailed CSV file containing Sigma Rules statistics for each service or category, and each level, offering a holistic view of…☆10Updated last year
- VelociraptorMCP is a Model Context Protocol bridge for exposing LLMs to MCP clients.☆40Updated last month
- A collection of various SIEM rules relating to malware family groups.☆67Updated last year
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.☆155Updated 5 months ago
- Full of public notes and Utilities☆127Updated 5 months ago
- ☆8Updated 9 months ago
- Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…☆89Updated last year
- A pySigma wrapper to manage detection rules.☆40Updated 3 weeks ago
- ☆93Updated 2 months ago
- Cyber Defence related kusto queries for use in Azure Sentinel and Defender advanced hunting☆65Updated 4 months ago
- ☆63Updated 2 years ago
- The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects…☆43Updated 4 years ago
- TIM is a Kusto investigation platform that enables a user to quickly pivot between data sources; annotate their findings; and promotes co…☆23Updated 11 months ago
- SigmaHQ pySigma CrowdStrike processing pipeline☆26Updated 9 months ago
- A dataset containing Office 365 Unified Audit Logs for security research and detection☆52Updated 3 years ago
- LotL RMM☆226Updated last week
- Provides an advanced input.conf file for Windows and 3rd party related software with more than 70 different event log mapped to the MITRE…☆91Updated last month
- A tool that allows you to document and assess any security automation in your SOC☆46Updated 9 months ago