JPMinty / Detection_Engineering_SignaturesLinks
YARA, SIGMA, SNORT Rules based on Malware Analysis
☆16Updated 8 months ago
Alternatives and similar repositories for Detection_Engineering_Signatures
Users that are interested in Detection_Engineering_Signatures are comparing it to the libraries listed below
Sorting:
- Library of threat hunts to get any user started!☆45Updated 5 years ago
- Sigma detection rules for hunting with the threathunting-keywords project☆57Updated 10 months ago
- User Feedback Space of #MitreAssistant☆38Updated 2 years ago
- Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specificly designed to autom…☆49Updated 2 weeks ago
- Cheat sheets for threat hunting, detection and other stuff.☆33Updated 3 years ago
- ☆22Updated 2 years ago
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners☆116Updated last year
- Cyber Underground General Intelligence Requirements☆97Updated last year
- CarbonBlack EDR detection rules and response actions☆73Updated last year
- A collection of various SIEM rules relating to malware family groups.☆70Updated last year
- The Threat Actor Profile Guide for CTI Analysts☆116Updated 2 years ago
- ☆67Updated last month
- simple webapp for converting sigma rules into siem queries using the pySigma library☆51Updated 2 years ago
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique☆70Updated last year
- Random notes collected on the intertubes relating to DFIR☆35Updated 2 years ago
- Sample evtx files to use for testing hayabusa detection rules☆64Updated 2 months ago
- Remote access and Antivirus Logging Database☆44Updated last year
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements☆125Updated 2 years ago
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.☆53Updated last year
- Cumulonimbus-UAL_Extractor is a PowerShell based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a…☆21Updated 2 years ago
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation☆77Updated last year
- Jupyter Notebooks for Cyber Threat Intelligence☆35Updated 2 years ago
- BlackBerry Threat Research & Intelligence☆100Updated 2 years ago
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents☆50Updated last year
- Intel Retrieval Augmented Generation (RAG) Utilities☆91Updated last year
- A script to collect (the most famous) Yara rules from more than 150 free resources. Free alternative to: https://valhalla.nextron-system…☆28Updated 2 years ago
- Get-MiniTimeline - Triage Collection and Timeline Generation w/ KAPE☆32Updated last year
- Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems.☆17Updated 2 years ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆85Updated last month
- A dataset containing Office 365 Unified Audit Logs for security research and detection☆59Updated 3 years ago