ElasticSA / elsec_dr2an
Script to create MITRE ATT&CK Navigator layers from the annotated detection rules in Elastic Security (Kibana).
☆20Updated last year
Alternatives and similar repositories for elsec_dr2an:
Users that are interested in elsec_dr2an are comparing it to the libraries listed below
- List of sigma for a variety of threats for multiple log sources.☆11Updated 6 years ago
- Automatic detection engineering technical state compliance☆55Updated 9 months ago
- Links to malware-related YARA rules☆15Updated 2 years ago
- ☆41Updated last year
- An elevated STIX representation of the MITRE ATT&CK Groups knowledge base☆23Updated 2 years ago
- ☆10Updated 5 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago
- Automated detection rule analysis utility☆29Updated 2 years ago
- Mapping your datasources and detections to the MITRE ATT&CK Navigator framework.☆56Updated 4 years ago
- Import Mitre Att&ck into Neo4j database☆35Updated 2 years ago
- Actionable analytics designed to combat threats based on MITRE's ATT&CK.☆22Updated 5 years ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack☆16Updated 4 years ago
- Threat Mapping Catalogue☆17Updated 3 years ago
- A CALDERA plugin for ATT&CK Evaluations Round 1☆33Updated last year
- Graph Representation of MITRE ATT&CK's CTI data☆48Updated 5 years ago
- Parse wazuh[HIDS] alerts into ECS mapping using Filebeat☆27Updated 4 years ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- SIEM Detection Use Case Library mapped to MITRE ATT&CK tactics and techniques☆12Updated 6 years ago
- ☆33Updated 3 years ago
- DNS Dashboard for hunting and identifying beaconing☆15Updated 4 years ago
- ☆19Updated 4 years ago
- A repository of Sysmon For Linux configuration modules☆15Updated 3 years ago
- A few quick recipes for those that do not have much time during the day☆22Updated 5 months ago
- A MITRE Caldera plugin☆43Updated 5 months ago
- Tool to read EVTX files including SYSMON and convert to JSON, MISP Objects and Graph stream☆11Updated 4 years ago
- ☆53Updated 6 years ago
- Look into EDR events from network☆23Updated last year
- Library of threat hunts to get any user started!☆44Updated 4 years ago
- Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.☆38Updated last year
- Threat Detection & Anomaly Detection rules for popular open-source components☆51Updated 2 years ago