JPMinty / Detection_Engineering_Signatures
YARA, SIGMA, SNORT Rules based on Malware Analysis
☆16Updated 7 months ago
Alternatives and similar repositories for Detection_Engineering_Signatures:
Users that are interested in Detection_Engineering_Signatures are comparing it to the libraries listed below
- User Feedback Space of #MitreAssistant☆37Updated last year
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners☆67Updated 2 months ago
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆82Updated 2 months ago
- Sigma detection rules for hunting with the threathunting-keywords project☆51Updated last month
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…☆34Updated last month
- Library of threat hunts to get any user started!☆41Updated 4 years ago
- ☆20Updated last year
- Open Threat-Informed Detection Engineering☆28Updated last week
- SigmaHQ pySigma CrowdStrike processing pipeline☆21Updated 3 months ago
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise☆59Updated 8 months ago
- Documentation site for Velociraptor☆39Updated this week
- A dataset containing Office 365 Unified Audit Logs for security research and detection☆48Updated 2 years ago
- Full of public notes and Utilities☆94Updated last month
- Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specificly designed to autom…☆45Updated 9 months ago
- CarbonBlack EDR detection rules and response actions☆71Updated 4 months ago
- Various PowerShells scripts I've made (or others have made) to automate some of the boring stuff in my everyday DFIR journey!☆44Updated 3 months ago
- Remote access and Antivirus Logging Database☆43Updated 8 months ago
- Random notes collected on the intertubes relating to DFIR☆32Updated last year
- This repo is where I store my Threat Hunting ideas/content☆86Updated last year
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆73Updated last year
- BlackBerry Threat Research & Intelligence☆95Updated last year
- A collection of various SIEM rules relating to malware family groups.☆64Updated 7 months ago
- pySigma Splunk backend☆34Updated last month
- Config files for my GitHub profile.☆14Updated last year
- A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub☆64Updated last year
- ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte…☆74Updated 2 months ago
- Advanced Threat Hunting: Ransomware Group☆18Updated last month
- Slides of my public talks☆48Updated last year
- Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…☆85Updated last year
- The Threat Actor Profile Guide for CTI Analysts☆101Updated last year