NVISOsecurity / sigma-publicLinks
Generic Signature Format for SIEM Systems
☆17Updated last year
Alternatives and similar repositories for sigma-public
Users that are interested in sigma-public are comparing it to the libraries listed below
Sorting:
- ☆53Updated 6 years ago
- A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data☆39Updated 5 years ago
- Python parser for Red Canary's Atomic Red Team Yamls☆27Updated 6 years ago
- A CALDERA plugin for ATT&CK Evaluations Round 1☆33Updated last year
- Hunt for Keywords , Mutex, Windows Event,Registry Keys,Process,Schedule tasks in Windows Machine☆22Updated 5 months ago
- Automated detection rule analysis utility☆29Updated 2 years ago
- Threat Mapping Catalogue☆17Updated 3 years ago
- Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that brings forward the nuances…☆64Updated last year
- Links to malware-related YARA rules☆15Updated 2 years ago
- THOR MITRE ATT&CK Framework Coverage☆24Updated 4 years ago
- pollen - A command-line tool for interacting with TheHive☆35Updated 6 years ago
- PowerGRR is an API client library in PowerShell working on Windows, Linux and macOS for GRR automation and scripting.☆56Updated 3 years ago
- Import specific data sources into the Sigma generic and open signature format.☆78Updated 3 years ago
- Cybersecurity Incidents Mind Maps☆33Updated 3 years ago
- Audit Powershell and search from known keywords in history #Blueteam☆25Updated 5 years ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack☆16Updated 4 years ago
- Threat hunting repo for my independent study on threat hunting with OSQuery☆27Updated 7 years ago
- Detect kerberos attacks in pcap files☆29Updated 9 years ago
- Threat intelligence and threat detection indicators (IOC, IOA)☆52Updated 4 years ago
- A MITRE Caldera plugin written in Python 3 used to convert Red Canary Atomic Red Team Tests to MITRE Caldera Stockpile YAML ability files…☆71Updated 3 years ago
- Carbon Black Response IR tool☆53Updated 4 years ago
- Powershell / C# based cross platform forensic framework based for live incident response☆23Updated 4 years ago
- evtx2json extracts events of interest from event logs, dedups them, and exports them to json.☆42Updated 4 years ago
- ATT&CK Evaluations website (DEPRECATED)☆59Updated 4 years ago
- An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree…☆60Updated 7 years ago
- Exports MISP events to STIX and ingest into McAfee ESM☆15Updated 5 years ago
- Automatic detection engineering technical state compliance☆55Updated 10 months ago
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator☆87Updated 2 years ago
- A collection of hunting and blue team scripts. Mostly others, some my own.☆38Updated 2 years ago
- Rhaegal is a tool written in Python 3 used to scan Windows Event Logs for suspicious logs. Rhaegal uses custom rule format to detect sus…☆41Updated last year