Security-Experts-Community / vscode-xp

Related projects ⓘ

Alternatives and complementary repositories for vscode-xp

• Security-Experts-Community / open-xp-rules
  Открытый репозиторий с правилами на языке eXtraction and Processing (XP)
  ☆20Updated 2 weeks ago
• Security-Experts-Community / siem-monkey
  Chrome extension for SOC automations
  ☆33Updated 2 weeks ago
• Security-Experts-Community / ERMACK
  Enterprise Response Model & Common Knowledge
  ☆36Updated 5 months ago
• feedb / MPSiem_addons
  реп полезностей для PT MaxPatrol SIEM
  ☆25Updated last year
• vxcontrol / soldr
  System of Orchestration, Lifecycle control, Detection and Response
  ☆57Updated 10 months ago
• GenRockeR / mpsiemlib
  MP SIEM SDK
  ☆23Updated 4 months ago
• SigmaHQ / pySigma
  Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)
  ☆399Updated this week
• mdecrevoisier / SIGMA-detection-rules
  Set of SIGMA rules (>320) mapped to MITRE ATT&CK tactic and techniques
  ☆310Updated 5 months ago
• AndrewRathbun / DFIRArtifactMuseum
  The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifa…
  ☆555Updated last week
• orlikoski / CyLR
  CyLR - Live Response Collection Tool
  ☆647Updated 2 years ago
• cyb3rfox / Aurora-Incident-Response
  Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
  ☆768Updated last year
• executemalware / Malware-IOCs
  ☆505Updated last month
• Yamato-Security / EnableWindowsLogSettings
  Documentation and scripts to properly enable Windows event logs.
  ☆556Updated last year
• EricZimmerman / KapeFiles
  This repository serves as a place for community created Targets and Modules for use with KAPE.
  ☆657Updated last week
• SigmaHQ / sigma-specification
  Sigma rule specification
  ☆111Updated 2 weeks ago
• MISP / misp-training
  MISP trainings, threat intel and information sharing training materials with source code
  ☆389Updated this week
• mdecrevoisier / EVTX-to-MITRE-Attack
  Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.
  ☆528Updated 2 months ago
• atc-project / atc-react
  A knowledge base of actionable Incident Response techniques
  ☆614Updated 2 years ago
• tclahr / uac
  UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of …
  ☆799Updated this week
• reversinglabs / reversinglabs-yara-rules
  ReversingLabs YARA Rules
  ☆770Updated last month
• mthcht / ThreatHunting-Keywords
  Awesome list of keywords and artifacts for Threat Hunting sessions
  ☆473Updated last week
• OpenCTI-Platform / connectors
  OpenCTI Connectors
  ☆383Updated this week
• atc-project / atomic-threat-coverage
  Actionable analytics designed to combat threats
  ☆972Updated 2 years ago
• evild3ad / MemProcFS-Analyzer
  MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR
  ☆544Updated 3 weeks ago
• MHaggis / sysmon-dfir
  Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.
  ☆899Updated 11 months ago
• MISP / misp-book
  User guide of MISP
  ☆259Updated last month
• wagga40 / Zircolite
  A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
  ☆681Updated this week
• V1D1AN / S1EM
  This project is a SIEM with SIRP and Threat Intel, all in one.
  ☆412Updated 10 months ago
• curiv / russian-offensive-security-questions
  Репозиторий содержит список вопросов по наступальной безопасности.
  ☆186Updated last week
• jacobdjwilson / awesome-annual-security-reports
  A curated list of annual cyber security reports
  ☆331Updated this week