SecSamDev / sysmon-arangodb

Related projects ⓘ

Alternatives and complementary repositories for sysmon-arangodb

• CIRCL / factual-rules-generator
  Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
  ☆76Updated 2 years ago
• intelforge / tmc
  Threat Mapping Catalogue
  ☆17Updated 3 years ago
• MISP / evtx-toolkit
  Tool to read EVTX files including SYSMON and convert to JSON, MISP Objects and Graph stream
  ☆11Updated 4 years ago
• StefanKelm / yara-rules
  Links to malware-related YARA rules
  ☆14Updated 2 years ago
• nettitude / PoshC2_IOCs
  A list of IOCs applicable to PoshC2
  ☆24Updated 4 years ago
• mandiant / goauditparser
  ☆43Updated last year
• BinaryDefense / beacon-fronting
  A simple command line program to help defender test their detections for network beacon patterns and domain fronting
  ☆65Updated 2 years ago
• AbdulRhmanAlfaifi / Rhaegal
  Rhaegal is a tool written in Python 3 used to scan Windows Event Logs for suspicious logs. Rhaegal uses custom rule format to detect sus…
  ☆39Updated last year
• c2defense / network-device-logs
  Analytics for Accounting logs from Network devices
  ☆16Updated 3 years ago
• NVISOsecurity / nviso-cti
  ☆41Updated 7 months ago
• Lifars / gargamel
  A forensic evidence acquirer
  ☆85Updated 3 years ago
• CD-R0M / YARA
  Hundred Days of Yara Challenge
  ☆12Updated 2 years ago
• mlgualtieri / PurpleTeamSummit
  ☆25Updated 3 years ago
• EmergingThreats / log4shell-detection
  ☆12Updated 2 years ago
• cedowens / C2-JARM
  A list of JARM hashes for different ssl implementations used by some C2/red team tools.
  ☆135Updated last year
• lawiet47 / autoresponder
  Carbon Black Response IR tool
  ☆53Updated 3 years ago
• faisalusuf / ThreatIntelligence
  Tracking APT IOCs
  ☆25Updated 4 years ago
• WithSecureLabs / tau-engine
  A document tagging library
  ☆29Updated last year
• mitre / stockpile
  A CALDERA plugin
  ☆72Updated 3 weeks ago
• mitre-attack / evals_caldera
  A CALDERA plugin for ATT&CK Evaluations Round 1
  ☆33Updated last year
• IceMoonHSV / Sim
  C# User Simulation
  ☆33Updated 2 years ago
• olafhartong / detection-sources
  ☆53Updated 5 years ago
• BinaryDefense / IcedDecrypt
  IcedID Decryption Tool
  ☆27Updated 3 years ago
• mitre / atomic
  A MITRE Caldera plugin
  ☆38Updated this week
• jshlbrd / threat-hunting-pocket-guide
  pocket guide for core threat hunting concepts
  ☆23Updated 4 years ago
• hxnoyd / ossem-power-up
  A tool to assess data quality, built on top of the awesome OSSEM.
  ☆76Updated 2 years ago
• threathunters-io / QLOG
  Windows Security Logging
  ☆43Updated 2 years ago
• SecurityRiskAdvisors / dredd
  Automated detection rule analysis utility
  ☆29Updated 2 years ago
• nasbench / C2-Matrix-Indicators
  This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix
  ☆72Updated 2 years ago