Hestat / ossec-sysmon
A Ruleset to enhance detection capabilities of Ossec using Sysmon
☆91Updated 2 years ago
Alternatives and similar repositories for ossec-sysmon:
Users that are interested in ossec-sysmon are comparing it to the libraries listed below
- Sysmon and wazuh integration with Sigma sysmon rules [updated]☆64Updated 3 years ago
- SIEGMA - Transform Sigma rules into SIEM consumables☆149Updated this week
- Docker image for Velocidex Velociraptor☆120Updated last week
- OSSEM Detection Model☆175Updated 2 years ago
- Convert Sigma rules to Wazuh rules☆63Updated 10 months ago
- Dettectinator - The Python library to your DeTT&CT YAML files.☆109Updated 2 months ago
- Run Velociraptor on Security Onion☆37Updated 2 years ago
- Anything Sysmon related from the MSTIC R&D team☆150Updated 9 months ago
- an excel-centric approach for the MITRE ATT&CK® Tactics and Techniques☆184Updated 2 years ago
- A curated list of awesome things related to TheHive & Cortex☆177Updated 3 years ago
- A Sigma to Wazuh / OSSEC converter including a generated Windows Sysmon ruleset☆33Updated 4 years ago
- Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques☆132Updated last year
- evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.☆151Updated 3 years ago
- Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactic and techniques☆350Updated last month
- Technical add-on for Splunk related to TheHive/Cortex from TheHive project☆53Updated last month
- SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac)☆185Updated 3 years ago
- Security Onion + Automation + Response Lab including n8n and Velociraptor☆107Updated 2 years ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆108Updated 5 years ago
- Pathfinder is a plugin for mapping network vulnerabilities, scanned by CALDERA or imported by a supported network scanner, and translatin…☆126Updated 10 months ago
- Threat Hunting & Incident Investigation with Osquery☆205Updated 2 years ago
- Splunk code (SPL) for serious threat hunters and detection engineers.☆273Updated last year
- Rules generated from our investigations.☆193Updated this week
- Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-Cradle…☆298Updated 3 years ago
- Fast IOC and YARA Scanner☆77Updated 4 years ago
- Sigma rules from Joe Security☆207Updated 4 months ago
- Docker image for MISP☆123Updated last month
- Build a attack range in your local machine☆130Updated last year
- Repository for SPEED SIEM Use Case Framework☆53Updated 4 years ago
- Provides an advanced input.conf file for Windows and 3rd party related software with more than 70 different event log mapped to the MITRE…☆90Updated 3 weeks ago
- ☆124Updated last year