Cisco-Talos / osquery_queries
Cisco Orbital - Osquery queries by Talos
☆130, updated 7 months ago
Alternatives and similar repositories for osquery_queries:
Users interested in osquery_queries are comparing it to the repositories listed below.
- Import specific data sources into the Sigma generic and open signature format. ☆77, updated 2 years ago
- Python library for threat intelligence ☆84, updated 2 months ago
- SIEGMA - Transform Sigma rules into SIEM consumables ☆149, updated 3 weeks ago
- Synthetic Adversarial Log Objects: A framework for synthetic log generation ☆80, updated last year
- A cross-platform baselining, threat hunting, and attack surface analysis tool for security teams. ☆207, updated last month
- OSSEM Common Data Model ☆55, updated 2 years ago
- A community event for security researchers to share their favorite notebooks ☆107, updated last year
- Automatically create YARA rules from malicious documents. ☆210, updated 2 years ago
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique ☆66, updated last year
- Sigma Detection Rule Repository ☆87, updated 4 years ago
- 🚨ATTENTION🚨 The VERIS mappings have migrated to the Center's Mappings Explorer project. See README below. This repository is kept here … ☆71, updated 11 months ago
- Recon Hunt Queries ☆76, updated 3 years ago
- Threat Hunting & Incident Investigation with Osquery ☆205, updated 3 years ago
- Osquery Resources ☆60, updated 5 years ago
- Rules generated from our investigations. ☆192, updated last week
- Collection of Jupyter Notebooks by @fr0gger_ ☆159, updated last week
- Technical add-on for Splunk related to TheHive/Cortex from TheHive project ☆53, updated last week
- Sigma rules from Joe Security ☆207, updated 4 months ago
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements ☆118, updated last year
- Resources for SANS CTI Summit 2021 presentation ☆102, updated last year
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation ☆78, updated last week
- Threat Detection & Anomaly Detection rules for popular open-source components ☆51, updated 2 years ago
- YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA ☆101, updated this week
- (no description) ☆126, updated 3 weeks ago
- An open-source Sigma conversion tool built using pySigma ☆121, updated 3 months ago
- (no description) ☆34, updated 4 years ago
- (no description) ☆27, updated 4 years ago
- (no description) ☆93, updated 2 years ago
- A CALDERA plugin ☆76, updated 3 weeks ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository. ☆108, updated 5 years ago