GACWR / OpenUBA
A robust and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Industry. [PRE-ALPHA]
☆416 Updated 11 months ago
Alternatives and similar repositories for OpenUBA:
Users that are interested in OpenUBA are comparing it to the libraries listed below
- A curated Cyber "Security Orchestration, Automation and Response (SOAR)" awesome list. ☆854 Updated 7 months ago
- This content is analysis and research of the data sources currently listed in ATT&CK. ☆407 Updated last year
- Actionable analytics designed to combat threats ☆982 Updated 2 years ago
- TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE AT… ☆480 Updated last week
- Mapping the MITRE ATT&CK Matrix with Osquery ☆790 Updated last year
- Cyber Analytics Repository ☆929 Updated 11 months ago
- Open Source Security Events Metadata (OSSEM) ☆1,260 Updated 2 years ago
- A repository of curated datasets from various attacks ☆632 Updated this week
- Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analysts in mapping finished reports to ATT&CK. ☆348 Updated 3 years ago
- Security event correlation engine for ELK stack ☆435 Updated 9 months ago
- STIX data representing MITRE ATT&CK ☆389 Updated 4 months ago
- Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by devel… ☆596 Updated last week
- Python Script to access ATT&CK content available in STIX via a public TAXII server ☆562 Updated 3 months ago
- Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel. ☆311 Updated 6 months ago
- ☆125 Updated last year
- 🚨ATTENTION🚨 The CVE mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as… ☆234 Updated 11 months ago
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts ☆1,145 Updated last year
- Phantom Community Playbooks ☆492 Updated last month
- Cortex Analyzers Repository ☆450 Updated this week
- Re-play Security Events ☆1,629 Updated last year
- A python app to predict Att&ck tactics and techniques from cyber threat reports ☆119 Updated last year
- Documentation of TheHive ☆396 Updated last year
- A collection of red team and adversary emulation resources developed and released by MITRE. ☆498 Updated 3 years ago
- CASCADE Server ☆267 Updated 2 years ago
- Python library using the MISP Rest API ☆456 Updated this week
- PCAP Samples for Different Post Exploitation Techniques ☆356 Updated 3 years ago
- A set of Zeek scripts to detect ATT&CK techniques. ☆582 Updated 9 months ago
- SIEM Tactics, Techniques, and Procedures ☆616 Updated last month
- MITRE ATT&CK Website ☆515 Updated 2 weeks ago
- A utility to safely generate malicious network traffic patterns and evaluate controls. ☆1,295 Updated 11 months ago