LogCraftIO / logcraft-cliLinks
Detection-as-Code CI/CD pipeline for modern security operations (SIEM, EDR, XDR, ...)
☆21Updated last month
Alternatives and similar repositories for logcraft-cli
Users that are interested in logcraft-cli are comparing it to the libraries listed below
Sorting:
- Convert Sigma rules to LogRhythm searches☆21Updated 3 years ago
- Web based S1 query navigator for one-click threat hunting☆19Updated 4 years ago
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents☆44Updated last year
- Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs☆55Updated last year
- Import CrowdStrike Threat Intelligence into your instance of MISP☆47Updated 2 weeks ago
- Threat Detection & Anomaly Detection rules for popular open-source components☆52Updated 2 years ago
- SentinelOne STAR Rules☆62Updated 4 months ago
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…☆42Updated last month
- Notes on managing and coordinating the response to major cyber incidents☆40Updated 5 years ago
- Technical add-on for Splunk related to TheHive/Cortex from TheHive project☆53Updated 2 months ago
- Synthetic Adversarial Log Objects: A Framework for synthentic log generation☆82Updated last year
- Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…☆18Updated 5 years ago
- Incident Response Report Using GitHub-Sphinx☆20Updated 5 years ago
- Custom Kibana dashboards to secure and monitor Microsoft 365.☆13Updated last year
- Collection of Dashboards for Threat Hunting and more!☆68Updated 4 years ago
- Run Velociraptor on Security Onion☆38Updated 2 years ago
- This code snippet retrieves Azure Sentinel rules that are mapped to MITRE ATT&CK Framework and generates the related MITRE D3FEND defense…☆71Updated 3 years ago
- ☆72Updated 8 months ago
- The Enhanced MITRE ATT&CK® Coverage Tracker is an Excel tool for SOCs to measure and improve detection coverage of cyber threats. It simp…☆26Updated 5 months ago
- ☆28Updated 3 months ago
- Tool to extract Sessions, MessageID(s) and find the emails belonging to MessageID(s). This script utilizes the MailItemsAccessed features…☆41Updated 4 years ago
- This will be a repository of SentinelOne Deep Visibility queries both the Standard Queries and the Power Queries. Most of these queries w…☆27Updated 8 months ago
- Kestrel Jupyter Notebook Kernel☆9Updated last year
- The Project can be used to integrate QRadar with MISP Threat Sharing Platform☆39Updated 3 years ago
- Workflows for Shuffle☆23Updated 2 years ago
- This repository contains Splunk queries to hunt some anomalies☆43Updated 2 years ago
- ☆17Updated 2 years ago
- 🚀 IRIS-SOAR: Modular SOAR (Security Orchestration, Automation, and Response) implementation in Python. Designed to complement DFIR-IRIS …☆10Updated last year
- ☆35Updated 4 years ago
- ☆35Updated 8 months ago