Loginsoft-Research / detection-rules
Threat Detection & Anomaly Detection rules for popular open-source components
☆49Updated 2 years ago
Related projects: ⓘ
- Import specific data sources into the Sigma generic and open signature format.☆77Updated 2 years ago
- Repository for SPEED SIEM Use Case Framework☆52Updated 4 years ago
- Library of threat hunts to get any user started!☆40Updated 4 years ago
- Sigma Detection Rule Repository☆84Updated 4 years ago
- The Project can be used to integrate QRadar with MISP Threat Sharing Platform☆37Updated 2 years ago
- A community event for security researchers to share their favorite notebooks☆105Updated 7 months ago
- Incident response teams usually working on the offline data, collecting the evidence, then analyze the data☆44Updated 2 years ago
- ☆27Updated this week
- ☆43Updated 2 years ago
- Automated detection rule analysis utility☆29Updated last year
- Repository with Sample threat hunting notebooks on Security Event Log Data Sources☆57Updated last year
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆106Updated 4 years ago
- This repository hosts community contributed Kestrel huntflows (.hf) and huntbooks (.ipynb)☆29Updated 8 months ago
- Recon Hunt Queries☆76Updated 3 years ago
- Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.☆34Updated 9 months ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆51Updated 2 years ago
- A collection of tips for using MISP.☆74Updated 5 months ago
- Notes on managing and coordinating the response to major cyber incidents☆38Updated 4 years ago
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator☆83Updated last year
- The FASTEST way to consume threat intel.☆62Updated last year
- Searches for Insider Threat Hunting☆30Updated 5 years ago
- Workflows for Shuffle☆20Updated last year
- ☆34Updated 3 years ago
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise☆55Updated 4 months ago
- Cyber Threats Detection Rules☆13Updated last week
- This repository includes a mapping table and a reference process that allows converting between STIX 2.1 Course of Action objects that ma…☆15Updated 2 years ago
- Convert Sigma rules to LogRhythm searches☆19Updated 2 years ago
- Collection of Jupyter Notebook for Threat Hunting and Blue Team Purposes☆18Updated 2 years ago
- Automatic detection engineering technical state compliance☆49Updated 2 months ago
- Mapping your datasources and detections to the MITRE ATT&CK Navigator framework.☆57Updated 4 years ago