NVISOsecurity / sigma-publicLinks
Generic Signature Format for SIEM Systems
☆18Updated 2 years ago
Alternatives and similar repositories for sigma-public
Users that are interested in sigma-public are comparing it to the libraries listed below
Sorting:
- THOR MITRE ATT&CK Framework Coverage☆25Updated 5 years ago
- Threat intelligence and threat detection indicators (IOC, IOA)☆52Updated 5 years ago
- A CALDERA plugin for ATT&CK Evaluations Round 1☆33Updated 2 years ago
- ATT&CK Evaluations website (DEPRECATED)☆62Updated 4 years ago
- A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data☆39Updated 5 years ago
- attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage☆115Updated 2 years ago
- ☆53Updated 6 years ago
- Cybersecurity Incidents Mind Maps☆34Updated 4 years ago
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator☆90Updated 3 years ago
- Threat Mapping Catalogue☆18Updated 4 years ago
- evtx2json extracts events of interest from event logs, dedups them, and exports them to json.☆41Updated 4 years ago
- ☆42Updated 3 years ago
- Python parser for Red Canary's Atomic Red Team Yamls☆27Updated 6 years ago
- Repository with selected IOCs and YARA rules for threat hunting.☆35Updated 7 months ago
- Mitre Att&ck Technique Emulation☆82Updated 6 years ago
- pollen - A command-line tool for interacting with TheHive☆36Updated 6 years ago
- List of PowerShell commands and commandlets that should be in your Powershel watchlist☆38Updated 4 years ago
- An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree…☆60Updated 7 years ago
- Automatic detection engineering technical state compliance☆55Updated last year
- Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that brings forward the nuances…☆64Updated 2 years ago
- A MITRE Caldera plugin written in Python 3 used to convert Red Canary Atomic Red Team Tests to MITRE Caldera Stockpile YAML ability files…☆73Updated 4 years ago
- ☆46Updated 2 years ago
- PowerGRR is an API client library in PowerShell working on Windows, Linux and macOS for GRR automation and scripting.☆58Updated 3 years ago
- Repository for my ATT&CK analysis research.☆70Updated 6 years ago
- Information about most important hunts which can be performed by Threat hunters while searching for any adversary/threats inside the orga…☆15Updated 6 years ago
- A repo to document API functions mapped to security events across diverse platforms☆74Updated 6 years ago
- A tool to assess data quality, built on top of the awesome OSSEM.☆80Updated 3 years ago
- A YARA Rule Performance Measurement Tool☆61Updated last year
- Hunt for Keywords , Mutex, Windows Event,Registry Keys,Process,Schedule tasks in Windows Machine☆22Updated last year
- A tool to convert Windows evtx files (Windows Event Log Files) into JSON format and log to Splunk (optional) using HTTP Event Collector.☆58Updated 3 years ago