Neo23x0 / auditdLinks
Best Practice Auditd Configuration
☆1,668Updated 6 months ago
Alternatives and similar repositories for auditd
Users that are interested in auditd are comparing it to the libraries listed below
Sorting:
- Transform Linux Audit logs for SIEM usage☆780Updated last week
- Linux audit userspace repository☆669Updated this week
- A Linux Auditd rule set mapped to MITRE's Attack Framework☆804Updated 5 years ago
- PCI-DSS compliant Debian 11/12 hardening☆916Updated this week
- Digging Deeper....☆3,398Updated this week
- Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an…☆2,192Updated 2 weeks ago
- A Suricata based IDS/IPS/NSM distro☆1,558Updated 2 weeks ago
- Detect Tactics, Techniques & Combat Threats☆2,194Updated 3 weeks ago
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…☆2,514Updated last year
- Sysmon for Linux☆1,930Updated last month
- Configuration files for the SOF-ELK VM☆1,628Updated last week
- Cortex: a Powerful Observable Analysis and Active Response Engine☆1,458Updated last month
- A repository of sysmon configuration modules☆2,845Updated last year
- Advanced Wazuh Rules for more accurate threat detection. Feel free to implement within your own Wazuh environment, contribute, or fork!☆850Updated 2 weeks ago
- Wazuh - Ruleset☆470Updated 11 months ago
- Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an…☆428Updated 2 weeks ago
- A utility to safely generate malicious network traffic patterns and evaluate controls.☆1,319Updated last year
- Vulnerability Intelligence Platform☆2,177Updated this week
- UAC is a powerful and extensible incident response tool designed for forensic investigators, security analysts, and IT professionals. It …☆1,064Updated last week
- Create actionable data from your Vulnerability Scans☆1,390Updated 2 years ago
- Hardening Ubuntu. Systemd edition.☆1,474Updated last week
- Real-time, container-based file scanning at enterprise scale☆940Updated 3 weeks ago
- Collaborative Incident Response platform☆1,241Updated 3 weeks ago
- A repository for using osquery for incident detection and response☆858Updated 3 years ago
- The Hunting ELK☆3,870Updated last year
- Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search☆462Updated last week
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders☆936Updated last year
- YARA signature and IOC database for my scanners and tools☆2,721Updated this week
- A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data int…☆2,338Updated this week
- Windows Events Attack Samples☆2,412Updated 2 years ago