LogCraftIO / logcraft-cli
Detection-as-Code CI/CD pipeline for modern security tools (SIEM, EDR, XDR, ...)
☆16Updated 3 months ago
Related projects ⓘ
Alternatives and complementary repositories for logcraft-cli
- Kestrel Jupyter Notebook Kernel☆9Updated last year
- Using QRadar API☆20Updated 6 years ago
- Incident Response Report Using GitHub-Sphinx☆19Updated 5 years ago
- ☆14Updated 4 years ago
- This repo contains information on how to auto deploy Sysmon via GPO and Task Scheduler☆12Updated 3 years ago
- Notes on managing and coordinating the response to major cyber incidents☆39Updated 4 years ago
- The Project can be used to integrate QRadar with MISP Threat Sharing Platform☆38Updated 2 years ago
- A few quick recipes for those that do not have much time during the day☆21Updated last week
- Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…☆17Updated 4 years ago
- PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response.☆38Updated 2 years ago
- Actionable analytics designed to combat threats based on MITRE's ATT&CK.☆22Updated 5 years ago
- Specific guidance and configuration scripts based on Microsoft-recommended security configuration baselines for Windows.☆10Updated 4 years ago
- Repo for Automations and other solutions for Elastic SIEM/Security.☆18Updated 3 years ago
- Tool to extract Sessions, MessageID(s) and find the emails belonging to MessageID(s). This script utilizes the MailItemsAccessed features…☆38Updated 4 years ago
- MasterParser is a simple, all-in-one, digital forensics artifact parser☆23Updated 3 years ago
- Workflows for Shuffle☆20Updated 2 years ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆52Updated 2 years ago
- Azure Sentinel Template parser☆15Updated 4 years ago
- Best practices in threat intelligence☆46Updated 2 years ago
- A script to create and assign SOP tasks into the cases☆18Updated 4 years ago
- ☆11Updated 3 years ago
- MITRE ATT&CK Based App in Power BI☆12Updated 8 months ago
- CSIRT Jump Bag☆27Updated 6 months ago
- Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs☆51Updated last year
- ☆70Updated 2 weeks ago
- Threat Detection & Anomaly Detection rules for popular open-source components☆50Updated 2 years ago
- DNS Dashboard for hunting and identifying beaconing☆14Updated 4 years ago
- A collection of Cortex Analyzers and Responders for TheHive/Cortex☆13Updated 4 years ago
- This repo represents work the Phantom Community collaborates on to build apps and learn.☆12Updated 3 years ago