PacktPublishing / Security-Monitoring-using-Wazuh

Related projects ⓘ

Alternatives and complementary repositories for Security-Monitoring-using-Wazuh

• PacktPublishing / Automating-Security-Detection-Engineering
  Automating Security Detection Engineering, published by Packt
  ☆47Updated last month
• tsale / EDR-Telemetry-Website
  ☆72Updated this week
• PacktPublishing / Security-Orchestration-Automation-and-Response-for-Security-Analysts
  Security Orchestration, Automation and Response for Security Analysts, published by Packt
  ☆17Updated last year
• PacktPublishing / Purple-Team-Strategies
  Purple Team Strategies, Published by Packt
  ☆11Updated last year
• TeMiroYteHasheo / The-Hunters-Framework
  Project to Support The Hunter's Framework (THF)
  ☆11Updated 7 months ago
• CTI-Driven / LOLBins
  The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…
  ☆110Updated 7 months ago
• PacktPublishing / Incident-Response-with-Threat-Intelligence
  Incident Response with Threat Intelligence, published by Packt
  ☆49Updated 7 months ago
• CrowdStrike / VirtualGHOST
  VirtualGHOST Detection Tool
  ☆87Updated 6 months ago
• securityjoes / Crowdstrike-Deploy
  The ultimate solution for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.
  ☆22Updated 3 months ago
• infosecB / detection-as-code
  An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
  ☆49Updated 2 years ago
• SigmaHQ / pySigma-backend-crowdstrike
  SigmaHQ pySigma CrowdStrike processing pipeline
  ☆21Updated last month
• huntresslabs / rogueapps
  When good OAuth apps go rogue. Documents observed OAuth application tradecraft
  ☆43Updated last month
• DefensiveOrigins / DO-LAB
  ☆43Updated last month
• keyboardcrunch / SentinelOne-ATTACK-Queries
  MITRE ATT&CK mapped queries for SentinelOne Deep Visiblity
  ☆86Updated 3 years ago
• CERN-CERT / pDNSSOC
  Leveraging MISP indicators via a pDNS-based infrastructure as a poor man’s SOC.
  ☆49Updated last month
• Sam0x90 / CB-Threat-Hunting
  CarbonBlack EDR detection rules and response actions
  ☆71Updated 2 months ago
• 0xAnalyst / DefenderATPQueries
  Hunting Queries for Defender ATP
  ☆73Updated this week
• PaloAltoNetworks / cortex-xql-queries
  Repository for Cortex XDR and Cortex XSIAM XQL queries and more!
  ☆22Updated 5 months ago
• darkquasar / AIMOD2
  Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…
  ☆85Updated last year
• PacktPublishing / Threat-Hunting-with-Elastic-Stack
  Threat Hunting with Elastic Stack, Published by Packt
  ☆38Updated last year
• EZToolsManuals / EZToolsManuals
  A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub
  ☆63Updated last year
• Hacking-Lab / SecurityOperationsCenter
  Security Operation Center Lab
  ☆15Updated last month
• MISP / misp-playbooks
  MISP Playbooks
  ☆174Updated last month
• iknowjason / AutomatedEmulation
  An automated Breach and Attack Simulation lab with terraform. Built for IaC stability, consistency, and speed.
  ☆168Updated 4 months ago
• referefref / sinon
  Automation tool for Windows Deception Host Burn-In
  ☆76Updated 4 months ago
• saidhfm / Cloud-Threat-Detection-Lab-AWS
  ☆32Updated last week
• magicsword-io / sigconverter.io
  An opensource sigma conversion tool built using pysigma
  ☆100Updated this week
• acquiredsecurity / Sentinel-One-STAR-Rules-Threat-Hunts
  SentinelOne STAR Rules
  ☆50Updated last year
• reversinglabs / reversinglabs-siem-rules
  A collection of various SIEM rules relating to malware family groups.
  ☆62Updated 5 months ago