CyberSift / OSQUERY-PACKSLinks
Osquery Packs we use for customer security hardening
☆12Updated 2 months ago
Alternatives and similar repositories for OSQUERY-PACKS
Users that are interested in OSQUERY-PACKS are comparing it to the libraries listed below
Sorting:
- ☆34Updated 2 years ago
- Automatic detection engineering technical state compliance☆55Updated last year
- An experimental Velociraptor implementation using cloud infrastructure☆25Updated 2 weeks ago
- Golang implementation of PyMISP-feedgenerator☆18Updated 3 years ago
- MasterParser is a simple, all-in-one, digital forensics artifact parser☆23Updated 4 years ago
- Workflows for Shuffle☆23Updated 2 years ago
- Tools related to work with Attack Flow (https://github.com/center-for-threat-informed-defense/attack-flow)☆44Updated 3 years ago
- A script to create and assign SOP tasks into the cases☆20Updated 5 years ago
- Open-source Fabric templates for cybersecurity and compliance☆21Updated 7 months ago
- A collection of tips for using MISP.☆74Updated 8 months ago
- A new Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) to empower your team and create lasting value. Inspired by Industry N…☆39Updated 4 months ago
- Converts Sigma detection rules to a Splunk alert configuration.☆12Updated 4 years ago
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents☆46Updated last year
- Recon Hunt Queries☆77Updated 4 years ago
- Notes for High Availability MISP in AWS☆19Updated 5 years ago
- Repo for Automations and other solutions for Elastic SIEM/Security.☆18Updated 4 years ago
- Corelight@Home script☆43Updated last year
- ☆43Updated last month
- Table Top Exercise (TTX) for Computer Security Incident Response (CSIRT) teams. The templatized artifacts provided will hopefully help te…☆38Updated 4 years ago
- Domain Connectivity Analysis Tools to analyze aggregate connectivity patterns across a set of domains during security investigations☆43Updated 3 years ago
- Zeek Extension to Collect Metadata for Profiling of Endpoints and Proxies☆36Updated last year
- Scripts to integrate DFIR-IRIS, MISP and TimeSketch☆34Updated 3 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆14Updated 3 years ago
- Threat intelligence and threat detection indicators (IOC, IOA)☆52Updated 4 years ago
- Some resources to facilitate my blog on auditd for security monitoring☆13Updated 2 years ago
- TheHiveIRPlaybook is a collection of TheHive case templates used for Incident Response☆13Updated 5 years ago
- Visual Studio Code extension for MITRE ATT&CK☆54Updated last year
- Track progress and keep notes while working through likethecoins' CTI Self Study Plan☆28Updated 3 years ago
- A MITRE ATT&CK Lookup Tool☆45Updated last year
- An elevated STIX representation of the MITRE ATT&CK Groups knowledge base☆23Updated 3 years ago