Stage2Sec / sigmalint

Related projects: ⓘ

• remg427 / misp42splunk
  A Splunk app to use MISP in background
  ☆109Updated 9 months ago
• P4T12ICK / Sigma-Rule-Repository
  Sigma Detection Rule Repository
  ☆84Updated 4 years ago
• PaloAltoNetworks / ioc-parser
  Tool to extract indicators of compromise from security reports in PDF format
  ☆72Updated 3 months ago
• coolacid / misp_feedgen
  Feed Generator for MISP
  ☆19Updated last year
• 00010111 / smbtimeline
  ☆28Updated last year
• megan201296 / gsuite-dfir
  ☆41Updated 3 years ago
• MISP / misp-stix
  MISP-STIX-Converter - Python library to handle the conversion between MISP and STIX formats
  ☆47Updated this week
• MHaggis / CBR-Queries
  Collection of useful, up to date, Carbon Black Response Queries
  ☆82Updated 3 years ago
• muchdogesec / txt2stix
  txt2stix is a Python script that is designed to identify and extract IoCs and TTPs from text files, identify the relationships between th…
  ☆21Updated 2 weeks ago
• 0xThiebaut / sigmai
  Import specific data sources into the Sigma generic and open signature format.
  ☆77Updated 2 years ago
• k-bailey / detection-engineering-maturity-matrix
  ☆83Updated 2 years ago
• syloktools / MISP-QRADAR-REFERENCE-SET-BUILDER
  Pulls IOCs from MISP and adds the to reference sets in QRadar
  ☆33Updated last year
• carbonblack / cbfeeds
  Carbon Black Feeds
  ☆70Updated last year
• Foundstone / InvestigationPlaybookSpec
  InvestigationPlaybookSpec
  ☆72Updated 6 years ago
• forensicanalysis / artifacts
  📇 Digital Forensics Artifact Repository (forensicanalysis edition)
  ☆71Updated 7 months ago
• eclecticiq / stix-icons
  stix-icons is a collection of colourful and clean icons for use in software, training and marketing material to visualize cyber threats a…
  ☆32Updated last year
• carbonblack / cb-yara-connector
  Analyze binaries collected in VMware Carbon Black EDR against Yara rules.
  ☆36Updated last year
• cyentific-rni / cacao-json-schemas
  JSON schemas for validating CACAO Security Playbooks. Note: In December 2023, Cyentific AS offered and transferred the content of this re…
  ☆18Updated 9 months ago
• flowintel / flowintel
  An open source platform to support analysts to organise their case and tasks
  ☆49Updated 2 weeks ago
• gertjanbruggink / metrics
  This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.
  ☆93Updated 6 months ago
• ReconInfoSec / velociraptor-to-timesketch
  ☆84Updated 4 months ago
• neolea / neolea-training-materials
  Open source training materials for law-enforcement and organisations interested in DFIR.
  ☆55Updated 2 years ago
• ReconInfoSec / rhq
  Recon Hunt Queries
  ☆76Updated 3 years ago
• TheHive-Project / TheHiveHooks
  This is a python tool aiming to make using TheHive webhooks easier.
  ☆26Updated 3 years ago
• P4T12ICK / Sigma2SplunkAlert
  Converts Sigma detection rules to a Splunk alert configuration.
  ☆105Updated 4 years ago
• d3sre / Use_Case_Applicability
  Security Monitoring Resolution Categories
  ☆138Updated 2 years ago
• strozfriedberg / greppin-logs
  2021 SANS DFIR Summit: Greppin' Logs
  ☆21Updated 3 years ago
• sans-blue-team / NSM
  This repository is created to add value to existing Network Security Monitoring solutions.
  ☆41Updated 8 years ago
• csirtgadgets / cif-v5
  The FASTEST way to consume threat intel.
  ☆62Updated last year
• pierrebarlet / qradar2thehive
  Scripts for TheHive.
  ☆22Updated 4 years ago