JPMinty / Detection_Engineering_SignaturesLinks
YARA, SIGMA, SNORT Rules based on Malware Analysis
☆16Updated 6 months ago
Alternatives and similar repositories for Detection_Engineering_Signatures
Users that are interested in Detection_Engineering_Signatures are comparing it to the libraries listed below
Sorting:
- Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specificly designed to autom…☆49Updated 2 months ago
- Library of threat hunts to get any user started!☆45Updated 5 years ago
- Sigma detection rules for hunting with the threathunting-keywords project☆56Updated 7 months ago
- User Feedback Space of #MitreAssistant☆38Updated 2 years ago
- ☆22Updated 2 years ago
- The Threat Actor Profile Guide for CTI Analysts☆115Updated 2 years ago
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners☆111Updated 11 months ago
- CarbonBlack EDR detection rules and response actions☆73Updated last year
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆88Updated 8 months ago
- A collection of various SIEM rules relating to malware family groups.☆70Updated last year
- This repo is where I store my Threat Hunting ideas/content☆88Updated 2 years ago
- A collection of tips for using MISP.☆74Updated 10 months ago
- Documentation site for Velociraptor☆54Updated last week
- A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhanc…☆57Updated 4 months ago
- Remote access and Antivirus Logging Database☆43Updated last year
- Get-MiniTimeline - Triage Collection and Timeline Generation w/ KAPE☆33Updated last year
- Linux Baseline and Forensic Triage Tool - BETA☆57Updated 3 years ago
- Cyber Underground General Intelligence Requirements☆96Updated last year
- A script to collect (the most famous) Yara rules from more than 150 free resources. Free alternative to: https://valhalla.nextron-system…☆28Updated 2 years ago
- Cheat sheets for threat hunting, detection and other stuff.☆34Updated 3 years ago
- ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte…☆79Updated 4 months ago
- Script to automate Linux live evidence collection☆27Updated 3 years ago
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique☆67Updated last year
- Public tools, scripts or code snippets that can help when working with our products☆46Updated 5 months ago
- Cumulonimbus-UAL_Extractor is a PowerShell based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a…☆21Updated 2 years ago
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements☆125Updated last year
- simple webapp for converting sigma rules into siem queries using the pySigma library☆51Updated 2 years ago
- A MITRE ATT&CK Lookup Tool☆45Updated last year
- Dictionary of CTI-related acronyms, terms, and jargon☆144Updated last year
- ☆67Updated last month