Security-Experts-Community / vscode-xp

Related projects ⓘ

Alternatives and complementary repositories for vscode-xp

• Security-Experts-Community / open-xp-rules
  Открытый репозиторий с правилами на языке eXtraction and Processing (XP)
  ☆20Updated this week
• Security-Experts-Community / siem-monkey
  Chrome extension for SOC automations
  ☆33Updated last week
• Security-Experts-Community / ERMACK
  Enterprise Response Model & Common Knowledge
  ☆36Updated 5 months ago
• feedb / MPSiem_addons
  реп полезностей для PT MaxPatrol SIEM
  ☆25Updated last year
• vxcontrol / soldr
  System of Orchestration, Lifecycle control, Detection and Response
  ☆57Updated 10 months ago
• GenRockeR / mpsiemlib
  MP SIEM SDK
  ☆23Updated 3 months ago
• cyb3rfox / Aurora-Incident-Response
  Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
  ☆765Updated last year
• V1D1AN / S1EM
  This project is a SIEM with SIRP and Threat Intel, all in one.
  ☆410Updated 9 months ago
• Yamato-Security / EnableWindowsLogSettings
  Documentation and scripts to properly enable Windows event logs.
  ☆553Updated last year
• AndrewRathbun / DFIRArtifactMuseum
  The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifa…
  ☆554Updated this week
• executemalware / Malware-IOCs
  ☆505Updated last month
• OpenCTI-Platform / connectors
  OpenCTI Connectors
  ☆380Updated this week
• tclahr / uac
  UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of …
  ☆795Updated last week
• mthcht / awesome-lists
  Awesome Security lists for SOC/CERT/CTI
  ☆704Updated this week
• SigmaHQ / pySigma
  Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)
  ☆395Updated this week
• center-for-threat-informed-defense / attack-workbench-frontend
  An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository con…
  ☆322Updated last week
• cyb3rxp / awesome-soc
  A collection of sources of documentation, as well as field best practices, to build/run a SOC
  ☆1,225Updated this week
• splunk / attack_data
  A repository of curated datasets from various attacks
  ☆587Updated this week
• Swordfish-Security / awesome-devsecops-russia
  Awesome DevSecOps на русском языке
  ☆302Updated last year
• stuhli / awesome-event-ids
  Collection of Event ID ressources useful for Digital Forensics and Incident Response
  ☆586Updated 4 months ago
• reversinglabs / reversinglabs-yara-rules
  ReversingLabs YARA Rules
  ☆761Updated last month
• mthcht / ThreatHunting-Keywords
  Awesome list of keywords and artifacts for Threat Hunting sessions
  ☆466Updated this week
• curiv / russian-offensive-security-questions
  Репозиторий содержит список вопросов по наступальной безопасности.
  ☆185Updated this week
• BushidoUK / Ransomware-Tool-Matrix
  A resource containing all the tools each ransomware gangs uses
  ☆728Updated this week
• mdecrevoisier / EVTX-to-MITRE-Attack
  Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.
  ☆525Updated 2 months ago
• threathunters-io / laurel
  Transform Linux Audit logs for SIEM usage
  ☆710Updated last week
• mdecrevoisier / SIGMA-detection-rules
  Set of SIGMA rules (>320) mapped to MITRE ATT&CK tactic and techniques
  ☆306Updated 5 months ago
• devopshq / dohq-ai-best-practices
  Внедрение и эксплуатация PT Application Inspector. Подробнее: https://habr.com/ru/company/pt/blog/557142/
  ☆33Updated 2 years ago
• socfortress / Wazuh-Rules
  Advanced Wazuh Rules for more accurate threat detection. Feel free to implement within your own Wazuh environment, contribute, or fork!
  ☆594Updated 2 months ago
• TonyPhipps / SIEM
  SIEM Tactics, Techiques, and Procedures
  ☆585Updated 3 weeks ago