PolitoInc / ELK-HuntingView external linksLinks
Threat Hunting with ELK Workshop (InfoSecWorld 2017)
☆65Oct 31, 2017Updated 8 years ago
Alternatives and similar repositories for ELK-Hunting
Users that are interested in ELK-Hunting are comparing it to the libraries listed below
Sorting:
- My personal experience in Threat Hunting and knowledge gained so far.☆19May 27, 2017Updated 8 years ago
- This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project.☆35Jul 8, 2019Updated 6 years ago
- Splunk code (SPL) for serious threat hunters and detection engineers.☆289Jan 15, 2024Updated 2 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆14Feb 1, 2022Updated 4 years ago
- Threat hunting repo for my independent study on threat hunting with OSQuery☆27Jan 16, 2018Updated 8 years ago
- Powershell collection designed to assist in Threat Hunting Windows systems.☆27Apr 13, 2018Updated 7 years ago
- Exporting MISP event attributes to yara rules usable with Thor apt scanner☆24Mar 27, 2017Updated 8 years ago
- Dashboards and loader for ROCK NSM dashboards☆49Mar 13, 2023Updated 2 years ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.☆937Dec 12, 2023Updated 2 years ago
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…☆94Aug 30, 2022Updated 3 years ago
- Collection of walkthroughs on various threat hunting techniques☆76Aug 3, 2020Updated 5 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆60Aug 3, 2019Updated 6 years ago
- ☆53May 21, 2018Updated 7 years ago
- ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.☆135Jul 25, 2019Updated 6 years ago
- Real-time Packet Observation Tool☆39Sep 26, 2023Updated 2 years ago
- Contains Logstash related content including tons of Logstash configurations☆254Aug 25, 2021Updated 4 years ago
- This repo is dedicated to all my tricks, tweaks and modules for testing and hunting threats. This repo contains multiple directories whic…☆57Jan 10, 2018Updated 8 years ago
- python script allow red teaming , hackthebox Pwners , OSCP lovers to shorten their time by these useful shells☆32Mar 4, 2021Updated 4 years ago
- ☆77Jun 25, 2019Updated 6 years ago
- Powershell Threat Hunting Module☆289Sep 21, 2016Updated 9 years ago
- ☆21Apr 30, 2020Updated 5 years ago
- This repository contains tools used by 401trg.☆20Apr 14, 2021Updated 4 years ago
- Splunk App to assist Sysmon Threat Hunting☆38Mar 7, 2017Updated 8 years ago
- ☆134Mar 21, 2024Updated last year
- A collection of resources for Threat Hunters☆914Oct 15, 2024Updated last year
- Repository of scripts/tools that may be useful in Security Operations Centres (SOC)☆55Nov 25, 2020Updated 5 years ago
- This is a repository from Adam Swan and I's presentation on Windows Logs Zero 2 Hero.☆22Jan 30, 2018Updated 8 years ago
- ATT&CK Remote Threat Hunting Incident Response☆206Dec 8, 2024Updated last year
- Configuration files for the SOF-ELK VM☆1,715Jan 21, 2026Updated 3 weeks ago
- Investigate suspicious activity by visualizing Sysmon's event log☆431Dec 22, 2023Updated 2 years ago
- Automated Use Case Testing☆171May 1, 2018Updated 7 years ago
- Kibana 4 Templates for Suricata IDPS☆33Jul 28, 2016Updated 9 years ago
- Detecting DNS Spoofing, DNS Tunneling, DNS Exfiltration☆36Sep 28, 2015Updated 10 years ago
- Validates yara rules and tries to repair the broken ones.☆41Sep 5, 2020Updated 5 years ago
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings☆122Jul 12, 2021Updated 4 years ago
- Reference sheet for Threat Hunting Professional Course☆26Mar 10, 2019Updated 6 years ago
- Created on 10th August 2017. Purpose of this Project is to note down every useful object I gained during the time I spent working on OSCP…☆19Feb 26, 2018Updated 7 years ago
- PowerShell Script for Agentless Incident Response☆25Apr 5, 2018Updated 7 years ago
- ☆25Oct 14, 2017Updated 8 years ago