Threat Alert Logic Repository
☆93Feb 7, 2019Updated 7 years ago
Alternatives and similar repositories for TALR
Users that are interested in TALR are comparing it to the libraries listed below
Sorting:
- Elasticsearch/Kibana environment and log data for Sigma workshop☆26Dec 20, 2019Updated 6 years ago
- Import specific data sources into the Sigma generic and open signature format.☆79May 6, 2022Updated 3 years ago
- Actionable analytics designed to combat threats☆1,005May 25, 2022Updated 3 years ago
- Firepit - STIX Columnar Storage☆18Jun 5, 2024Updated last year
- Automatic detection engineering technical state compliance☆55Jul 7, 2024Updated last year
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆111Feb 6, 2020Updated 6 years ago
- ☆53Mar 4, 2019Updated 6 years ago
- Converts Sigma detection rules to a Splunk alert configuration.☆115May 18, 2020Updated 5 years ago
- Open-source framework to detect outliers in Elasticsearch events☆205May 22, 2023Updated 2 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆60Aug 3, 2019Updated 6 years ago
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…☆94Aug 30, 2022Updated 3 years ago
- Community-based CybergON-powered Suricata rules☆12Jul 5, 2022Updated 3 years ago
- SIEGMA - Transform Sigma rules into SIEM consumables☆159Mar 10, 2025Updated 11 months ago
- A Python library to help with some common threat hunting data analysis operations☆142Apr 23, 2023Updated 2 years ago
- The ContactDB project was initiated to cover the need for a tool to maintain contacts for CSIRT teams☆37Jan 21, 2022Updated 4 years ago
- A Zeek package that detects Zoom logins and meeting joins☆12Apr 15, 2020Updated 5 years ago
- Matt's DFIR blog☆14Jul 28, 2025Updated 7 months ago
- This is a repository from Adam Swan and I's presentation on Windows Logs Zero 2 Hero.☆22Jan 30, 2018Updated 8 years ago
- Python tool for converting from joy format to JA3 format SSL/TLS hashes☆11Jun 3, 2020Updated 5 years ago
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts☆1,173Jul 26, 2023Updated 2 years ago
- Detect Tactics, Techniques & Combat Threats☆2,264Jan 21, 2026Updated last month
- An ELK environment containing interesting security datasets.☆136May 11, 2020Updated 5 years ago
- Add POST body excerpt to Bro's HTTP log☆14Dec 10, 2025Updated 2 months ago
- Zeek plugin to generate data on per-packet sizes and intervals☆14Apr 21, 2020Updated 5 years ago
- Integration between MISP platform and McAfee MVISION EDR☆14Mar 14, 2022Updated 3 years ago
- Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The…☆177Jun 10, 2021Updated 4 years ago
- ☆42Sep 16, 2022Updated 3 years ago
- VPS infrastructure found in HT dumps☆26Jul 10, 2015Updated 10 years ago
- DFIRTrack - The Incident Response Tracking Application☆532Jan 13, 2026Updated last month
- CyCAT.org taxonomies☆15May 22, 2021Updated 4 years ago
- brocon-15 scripts☆13Apr 3, 2017Updated 8 years ago
- A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework☆355Nov 3, 2020Updated 5 years ago
- Dockerfiles for NSM tools☆84Apr 14, 2017Updated 8 years ago
- misp-cloud - Cloud-ready images of MISP☆74Aug 24, 2022Updated 3 years ago
- Re-play Security Events☆1,723Mar 20, 2024Updated last year
- A browser extension that seamlessly integrates your yara match notifications into VirusTotal Intelligence.☆17Feb 8, 2015Updated 11 years ago
- ☆77Jul 22, 2020Updated 5 years ago
- Threat Intelligence distribution☆31Dec 30, 2015Updated 10 years ago
- This project contains code for comparing or ranking APT capabilities and operational capacity. The metrics are meant to quantify, rank, o…☆35Feb 27, 2019Updated 7 years ago