Securonix / AutonomousThreatSweeperLinks
Threat Hunting queries for various attacks
☆239Updated this week
Alternatives and similar repositories for AutonomousThreatSweeper
Users that are interested in AutonomousThreatSweeper are comparing it to the libraries listed below
Sorting:
- Rules generated from our investigations.☆201Updated 3 months ago
- Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactic and techniques☆385Updated 8 months ago
- Sigma rules from Joe Security☆221Updated 11 months ago
- Zeek-Formatted Threat Intelligence Feeds☆377Updated this week
- Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques☆136Updated last year
- an excel-centric approach for the MITRE ATT&CK® Tactics and Techniques☆189Updated 3 years ago
- Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.☆590Updated 8 months ago
- Sublime rules for email attack detection, prevention, and threat hunting.☆328Updated last week
- OSSEM Detection Model☆179Updated 2 years ago
- Signatures and IoCs from public Volexity blog posts.☆356Updated 3 weeks ago
- SIEGMA - Transform Sigma rules into SIEM consumables☆155Updated 6 months ago
- Threat Hunting tool about Sysmon and graphs☆334Updated 2 years ago
- Awesome list of keywords and artifacts for Threat Hunting sessions☆608Updated 2 months ago
- The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders…☆146Updated 2 months ago
- Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.☆203Updated last week
- ☆144Updated 2 months ago
- Dettectinator - The Python library to your DeTT&CT YAML files.☆116Updated 5 months ago
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.☆161Updated 7 months ago
- MAL-CL (Malicious Command-Line)☆319Updated 2 years ago
- A collection of intelligence about Log4Shell and its exploitation activity.☆184Updated 3 years ago
- Indicators of Compromise☆222Updated last week
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise☆66Updated last year
- A collection of Splunk's Search Processing Language (SPL) for Threat Hunting with CrowdStrike Falcon☆210Updated 5 years ago
- Welcome to the SEKOIA.IO Community repository!☆164Updated 2 months ago
- ☆513Updated 11 months ago
- Pathfinder is a plugin for mapping network vulnerabilities, scanned by CALDERA or imported by a supported network scanner, and translatin…☆126Updated 6 months ago
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆205Updated 3 years ago
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆747Updated 6 months ago
- ☆195Updated last year
- Live forensic artifacts collector☆171Updated last year