Threat Hunting with ELK Workshop (InfoSecWorld 2017)
☆65 · Oct 31, 2017 · Updated 8 years ago
Alternatives and similar repositories for ELK-Hunting
Users that are interested in ELK-Hunting are comparing it to the libraries listed below.
- PowerShell Script for Agentless Incident Response ☆25 · Apr 5, 2018 · Updated 7 years ago
- My personal experience in Threat Hunting and knowledge gained so far. ☆19 · May 27, 2017 · Updated 8 years ago
- Python script to automatically create Sigma rules from TheHive observables ☆25 · Mar 17, 2019 · Updated 7 years ago
- Reference sheet for Threat Hunting Professional Course ☆26 · Mar 10, 2019 · Updated 7 years ago
- Collection of walkthroughs on various threat hunting techniques ☆76 · Aug 3, 2020 · Updated 5 years ago
- ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills. ☆135 · Jul 25, 2019 · Updated 6 years ago
- Splunk code (SPL) for serious threat hunters and detection engineers. ☆291 · Jan 15, 2024 · Updated 2 years ago
- This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project. ☆35 · Jul 8, 2019 · Updated 6 years ago
- Auxiliary scripts for Incident Response with ELK ☆11 · Oct 7, 2015 · Updated 10 years ago
- PowerShell collection designed to assist in Threat Hunting Windows systems. ☆27 · Apr 13, 2018 · Updated 7 years ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon. ☆938 · Dec 12, 2023 · Updated 2 years ago
- Threat hunting repo for my independent study on threat hunting with osquery ☆27 · Jan 16, 2018 · Updated 8 years ago
- A Windows Event Processing Utility ☆47 · Feb 21, 2018 · Updated 8 years ago
- ☆13 · Feb 6, 2018 · Updated 8 years ago
- PowerShell Threat Hunting Module ☆290 · Sep 21, 2016 · Updated 9 years ago
- ☆53 · May 21, 2018 · Updated 7 years ago
- A collection of resources for Threat Hunters ☆914 · Oct 15, 2024 · Updated last year
- ATT&CK Remote Threat Hunting Incident Response ☆206 · Dec 8, 2024 · Updated last year
- Validates YARA rules and tries to repair the broken ones. ☆41 · Sep 5, 2020 · Updated 5 years ago
- This repository contains tools used by 401trg. ☆20 · Apr 14, 2021 · Updated 4 years ago
- Configuration files for the SOF-ELK VM ☆1,724 · Jan 21, 2026 · Updated 2 months ago
- ☆37 · Aug 23, 2022 · Updated 3 years ago
- YARA integrated into Burp Suite ☆48 · Jun 30, 2016 · Updated 9 years ago
- Automated Real-Time Threat Hunting with ATD, Active Response and Elasticsearch/Kibana ☆10 · Aug 17, 2018 · Updated 7 years ago
- This repo is dedicated to all my tricks, tweaks and modules for testing and hunting threats. This repo contains multiple directories whic… ☆57 · Jan 10, 2018 · Updated 8 years ago
- Automated Use Case Testing ☆171 · May 1, 2018 · Updated 7 years ago
- ☆77 · Jun 25, 2019 · Updated 6 years ago
- Various exploits ☆10 · Apr 27, 2017 · Updated 8 years ago
- Python script to access ATT&CK content available in STIX via a public TAXII server ☆568 · Dec 19, 2025 · Updated 3 months ago
- Parser for Windows Scheduled Task files. ☆13 · Apr 26, 2023 · Updated 2 years ago
- Exporting MISP event attributes to YARA rules usable with the THOR APT scanner ☆24 · Mar 27, 2017 · Updated 9 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page ☆60 · Aug 3, 2019 · Updated 6 years ago
- A Python library to help with some common threat hunting data analysis operations ☆142 · Apr 23, 2023 · Updated 2 years ago
- Splunk App to assist Sysmon Threat Hunting ☆38 · Mar 7, 2017 · Updated 9 years ago
- ☆23 · May 7, 2021 · Updated 4 years ago
- Dashboards and loader for ROCK NSM dashboards ☆49 · Mar 13, 2023 · Updated 3 years ago
- Ansible playbook to convert Sigma rules to ElastAlert rules ☆10 · Feb 5, 2021 · Updated 5 years ago
- Track public endpoints and connections across AWS accounts using VPC Flow Logs ☆12 · Jun 14, 2016 · Updated 9 years ago
- An informational repo about hunting for adversaries in your IT environment. ☆1,859 · Nov 17, 2021 · Updated 4 years ago