G-Research / siembol
An open-source, real-time Security Information & Event Management tool based on big data technologies, providing a scalable, advanced security analytics framework.
☆205Updated 5 months ago
Alternatives and similar repositories for siembol:
Users that are interested in siembol are comparing it to the libraries listed below
- SIEGMA - Transform Sigma rules into SIEM consumables☆149Updated this week
- PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform☆148Updated 2 years ago
- Threat Hunting & Incident Investigation with Osquery☆205Updated 2 years ago
- Pathfinder is a plugin for mapping network vulnerabilities, scanned by CALDERA or imported by a supported network scanner, and translatin…☆126Updated 10 months ago
- PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform☆247Updated this week
- Build a attack range in your local machine☆130Updated last year
- Sublime rules for email attack detection, prevention, and threat hunting.☆278Updated this week
- Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques☆132Updated last year
- A curated list of awesome things related to TheHive & Cortex☆177Updated 3 years ago
- an excel-centric approach for the MITRE ATT&CK® Tactics and Techniques☆184Updated 2 years ago
- Resources for SANS CTI Summit 2021 presentation☆102Updated last year
- Detection Ideas & Rules repository.☆179Updated 3 years ago
- SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac)☆185Updated 3 years ago
- Import specific data sources into the Sigma generic and open signature format.☆77Updated 2 years ago
- A collection of intelligence about Log4Shell and its exploitation activity.☆183Updated 3 years ago
- Tool to discover external and internal network attack surface☆195Updated 9 months ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆108Updated 5 years ago
- A Python package is used to execute Atomic Red Team tests (Atomics) across multiple operating system environments.☆137Updated 7 months ago
- 🚨ATTENTION🚨 The VERIS mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here …☆72Updated 11 months ago
- ☆124Updated last year
- OASIS Cyber Threat Intelligence (CTI) TC: A repository for commonly used STIX objects in order to avoid needless duplication. https://gi…☆91Updated this week
- All-in-one bundle of MISP, TheHive and Cortex☆170Updated 2 years ago
- Splunk code (SPL) for serious threat hunters and detection engineers.☆273Updated last year
- The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders…☆142Updated 6 months ago
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…☆94Updated 2 years ago
- Threat Hunting tool about Sysmon and graphs☆330Updated last year
- Cyber Incident Response Team Playbook Battle Cards☆373Updated 10 months ago
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆200Updated 2 years ago
- Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.☆129Updated 2 years ago
- attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage☆111Updated last year