OSSEM Common Data Model
☆56Sep 20, 2022Updated 3 years ago
Alternatives and similar repositories for OSSEM-CDM
Users that are interested in OSSEM-CDM are comparing it to the libraries listed below
Sorting:
- OSSEM Data Dictionaries☆65Jan 22, 2025Updated last year
- OSSEM Detection Model☆183Oct 11, 2022Updated 3 years ago
- Open Source Security Events Metadata (OSSEM)☆1,288Feb 27, 2023Updated 3 years ago
- This repository is used by FalconForce to release parts of the internal tools used for maintaining, validating and automatically deployin…☆17Mar 10, 2023Updated 2 years ago
- Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…☆18Apr 10, 2020Updated 5 years ago
- Building environments to replicate small networks and deploy applications☆330Jan 9, 2026Updated last month
- A knowledge base of actionable Incident Response techniques☆662May 31, 2022Updated 3 years ago
- Actionable analytics designed to combat threats☆1,005May 25, 2022Updated 3 years ago
- Public Chronicle Detection Rules☆12Apr 25, 2023Updated 2 years ago
- Collection of Semgrep rules for security analysis☆10Mar 30, 2024Updated last year
- Threat hunting with Sysmon and ArangoDB Graphs☆12Apr 16, 2020Updated 5 years ago
- Cyber Analytics Repository☆984May 16, 2025Updated 9 months ago
- This content is analysis and research of the data sources currently listed in ATT&CK.☆414Sep 13, 2023Updated 2 years ago
- An extreme bootcamp to enable teams to build DevSecOps into their environment.☆10Jan 16, 2017Updated 9 years ago
- OSCP - Study☆13Aug 18, 2021Updated 4 years ago
- Ansible role skeleton used for new cloud alchemy roles☆15May 11, 2022Updated 3 years ago
- An npm package to defang and refang IoC☆12Sep 7, 2025Updated 5 months ago
- Use ORT in your GitLab pipelines☆15Nov 11, 2025Updated 3 months ago
- Automatic detection engineering technical state compliance☆55Jul 7, 2024Updated last year
- A POC to implement Detection-as-Code with Terraform and Sumo Logic.☆31Jul 27, 2023Updated 2 years ago
- OAuth 2.1 and OpenID Connect for Java Developers☆15Oct 18, 2023Updated 2 years ago
- Threat Alert Logic Repository☆93Feb 7, 2019Updated 7 years ago
- OSSEM Modular☆27Jun 29, 2020Updated 5 years ago
- ☆53Mar 4, 2019Updated 6 years ago
- Indices for courses in SANS' Network Security Operations curriculum☆17Feb 5, 2016Updated 10 years ago
- Re-play Security Events☆1,723Mar 20, 2024Updated last year
- pySigma Splunk backend☆41Updated this week
- Phantom Community Playbooks☆530Jan 22, 2026Updated last month
- ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte…☆82Jun 9, 2025Updated 8 months ago
- A platform to create, catalog and deploy tests for tools such as Gauntlt, AttackIQ and Metasploit.☆17Jul 22, 2016Updated 9 years ago
- An analytical framework for network traffic and behavioral analytics☆456Dec 7, 2022Updated 3 years ago
- Client-side scripts provided by WhoisXML API, Inc., for clients using WHOIS data feeds to obtain bulk whois data or to set up a WHOIS da…☆19Jun 7, 2023Updated 2 years ago
- A repository of curated datasets from various attacks☆726Updated this week
- A tool to assess data quality, built on top of the awesome OSSEM.☆80Jul 29, 2022Updated 3 years ago
- Hunting queries and detections☆883Oct 30, 2025Updated 4 months ago
- Rust Windows EDR (user-mode, no driver): ETW → Sysmon-style normalization → Sigma/Yara/IOC detection → ECS NDJSON alerts.☆64Feb 15, 2026Updated 2 weeks ago
- A STIX 2.1 Extension Definition for the Course of Action (COA) object type. The nested property extension allows a COA to share machine-r…☆23Dec 11, 2023Updated 2 years ago
- External twitter feeder for AIL framework☆16Apr 16, 2023Updated 2 years ago
- Cloud Templates and scripts to deploy mordor environments☆129Mar 3, 2021Updated 5 years ago