ElasticSA / elsec_dr2an
Script to create MITRE ATT&CK Navigator layers from the annotated detection rules in Elastic Security (Kibana).
☆20Updated last year
Alternatives and similar repositories for elsec_dr2an:
Users that are interested in elsec_dr2an are comparing it to the libraries listed below
- Threat Mapping Catalogue☆17Updated 3 years ago
- Automated detection rule analysis utility☆29Updated 2 years ago
- An elevated STIX representation of the MITRE ATT&CK Groups knowledge base☆23Updated 2 years ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt☆39Updated last year
- Threat Detection & Anomaly Detection rules for popular open-source components☆51Updated 2 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago
- Parse wazuh[HIDS] alerts into ECS mapping using Filebeat☆27Updated 4 years ago
- Library of threat hunts to get any user started!☆42Updated 4 years ago
- A Sigma to Wazuh / OSSEC converter including a generated Windows Sysmon ruleset☆33Updated 4 years ago
- Import Mitre Att&ck into Neo4j database☆35Updated 2 years ago
- Elasticsearch/Kibana environment and log data for Sigma workshop☆26Updated 5 years ago
- List of sigma for a variety of threats for multiple log sources.☆11Updated 6 years ago
- Mapping your datasources and detections to the MITRE ATT&CK Navigator framework.☆56Updated 4 years ago
- ☆10Updated 5 years ago
- Automatic detection engineering technical state compliance☆55Updated 8 months ago
- ☆41Updated last year
- Links to malware-related YARA rules☆15Updated 2 years ago
- ☆19Updated 4 years ago
- Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.☆19Updated 2 years ago
- Actionable analytics designed to combat threats based on MITRE's ATT&CK.☆22Updated 5 years ago
- ☆34Updated 4 years ago
- Workflows for Shuffle☆21Updated 2 years ago
- Threat Detection Rules (Snort/Sigma/Yara)☆13Updated last year
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- Suricata rule and intel index☆30Updated last week
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack☆16Updated 4 years ago
- A CALDERA plugin☆76Updated 3 weeks ago
- Searches for Insider Threat Hunting☆31Updated 5 years ago
- Plugin for Zeek/Bro which provides http2 decoder/analyzer☆31Updated 9 months ago
- ☆77Updated 5 years ago