Neo23x0/ti-falsepositives

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Neo23x0/ti-falsepositives)

Neo23x0 / ti-falsepositives

A collection of typical false positive indicators

☆56

Alternatives and similar repositories for ti-falsepositives

Users that are interested in ti-falsepositives are comparing it to the libraries listed below

Sorting:

Neo23x0 / YARA-rules
View on GitHub
Some YARA rules i will add from time to time
☆12May 31, 2019Updated 6 years ago
Neo23x0 / atomic-threat-coverage
View on GitHub
Knowledge base of analytics designed to cover threats based on MITRE's ATT&CK.
☆23Dec 13, 2018Updated 7 years ago
Neo23x0 / awesome-yara
View on GitHub
A curated list of awesome YARA rules, tools, and people.
☆33Oct 26, 2023Updated 2 years ago
jaegeral / awesome-cyber-civil-society-actors
View on GitHub
A curated lust of awesome cyber civil society actors, project etc.
☆10Jul 16, 2020Updated 5 years ago
Neo23x0 / cyber-chef-recipes
View on GitHub
Recipes for GCHQ's CyberChef Web App
☆39Nov 15, 2018Updated 7 years ago
hashlookup / a-ray-grass
View on GitHub
a-ray-grass is a yara module that provides support for DCSO-format bloom filters in yara. In the context of hashlookup, it allows quickly…
☆14Aug 19, 2022Updated 3 years ago
zeflow / Sigma2SplunkAlert
View on GitHub
Converts Sigma detection rules to a Splunk alert configuration.
☆12Jul 1, 2021Updated 4 years ago
deependresearch / hoard
View on GitHub
Historical Observations of Actionable Reputation Data
☆13Jun 26, 2018Updated 7 years ago
Cluster25 / detection
View on GitHub
Threat Detection Rules (Snort/Sigma/Yara)
☆14Jan 23, 2024Updated 2 years ago
vadim-hunter / Detection-Ideas-Rules
View on GitHub
Detection Ideas & Rules repository.
☆178Sep 10, 2021Updated 4 years ago
Neo23x0 / vti-dorks
View on GitHub
Awesome VirusTotal Intelligence Search Queries
☆332May 16, 2023Updated 2 years ago
sebdraven / IOCmite
View on GitHub
Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert
☆37Nov 9, 2022Updated 3 years ago
atc-project / react-navigator
View on GitHub
Web app that provides basic navigation and annotation of ATT&CK matrices
☆17Nov 7, 2020Updated 5 years ago
maltegotransforms / maltego-stix2
View on GitHub
Generation of STIX2 compliant entities for Maltego
☆20Oct 4, 2023Updated 2 years ago
aboutsecurity / Audit_Host-Baseline
View on GitHub
A set of Bash scripts that allows you to repeatably collect and compare baseline audit data from Linux and Windows systems
☆20Oct 19, 2013Updated 12 years ago
ninoseki / rogue_one
View on GitHub
A rogue DNS detector
☆24Nov 20, 2025Updated 3 months ago
ajackal / ir_scripts
View on GitHub
incident response scripts
☆18Mar 4, 2019Updated 7 years ago
Neo23x0 / space-id
View on GitHub
Invisible Watermarks with Space Characters in ASCII Files
☆21Jun 14, 2018Updated 7 years ago
headlesszeke / zoom-virtual-foreground
View on GitHub
Just for funsies, virtual foregrounds in Zoom conference calls
☆18May 5, 2020Updated 5 years ago
Neo23x0 / sysmon-version-history
View on GitHub
An Inofficial Sysmon Version History (Change Log)
☆33Oct 25, 2020Updated 5 years ago
0xN3utr0n / Kanis
View on GitHub
Advanced threat detection solution for Linux.
☆36Dec 5, 2020Updated 5 years ago
thirdeyeintelligence / Memoirs-of-a-Threat-Hunter
View on GitHub
My personal experience in Threat Hunting and knowledge gained so far.
☆19May 27, 2017Updated 8 years ago
100DaysofYARA / 2022
View on GitHub
☆23Dec 15, 2022Updated 3 years ago
neolea / neolea-training-materials
View on GitHub
Open source training materials for law-enforcement and organisations interested in DFIR.
☆63May 30, 2025Updated 9 months ago
stairwell-inc / threat-research
View on GitHub
Repository of tools, YARA rules, and code-snippets from Stairwell's research team.
☆23Jan 31, 2024Updated 2 years ago
mandiant / thiri-notebook
View on GitHub
The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…
☆154Apr 25, 2022Updated 3 years ago
DomainTools / DomainCAT
View on GitHub
Domain Connectivity Analysis Tools to analyze aggregate connectivity patterns across a set of domains during security investigations
☆46Nov 1, 2021Updated 4 years ago
nogoodconfig / pyarascanner
View on GitHub
A simple many-rules to many-files YARA scanner for incident response or malware zoos.
☆27Jun 3, 2018Updated 7 years ago
ruppde / yara_rules
View on GitHub
Yara rules
☆22Mar 27, 2023Updated 2 years ago
sbousseaden / YaraHunts
View on GitHub
Random hunting ordiented yara rules
☆96Mar 27, 2023Updated 2 years ago
Neo23x0 / evt2sigma
View on GitHub
Log Entry to Sigma Rule Converter
☆107Mar 3, 2022Updated 4 years ago
adulau / pdns-qof-server
View on GitHub
Passive DNS server interface compliant to "Common Output Format"
☆10Sep 19, 2016Updated 9 years ago
DefensiveOrigins / LABPACK
View on GitHub
Various components we use in labs
☆10Oct 30, 2020Updated 5 years ago
mamoedo / social-alerts
View on GitHub
Get notified instantly when your users of interest speak about something.
☆10Mar 24, 2020Updated 5 years ago
Kathayra / threathuntingmaturitymodel
View on GitHub
Build your own threat hunting maturity model
☆11Oct 29, 2017Updated 8 years ago
mohlcyber / OpenDXL-ATD-MAR-Elasticsearch
View on GitHub
Automated Real-Time Threat Hunting with ATD, Active Response and Elasticsearch/Kibana
☆10Aug 17, 2018Updated 7 years ago
DBHeise / ShowSheets
View on GitHub
A Simple CLI App to mark all EXCEL sheets visible (i.e. sets "Very Hidden" and "Hidden" to "Visible")
☆11Apr 16, 2020Updated 5 years ago
OTRF / sigma
View on GitHub
Generic Signature Format for SIEM Systems
☆14Oct 27, 2021Updated 4 years ago
NextronSystems / iocs
View on GitHub
Indicators of compromise from to analysis and research by Nextron Threat Research team
☆12Sep 17, 2025Updated 5 months ago