Stage2Sec / sigmalint
A simple linter for Sigma rules
☆12Updated 3 years ago
Related projects: ⓘ
- A Splunk app to use MISP in background☆109Updated 9 months ago
- Sigma Detection Rule Repository☆84Updated 4 years ago
- Tool to extract indicators of compromise from security reports in PDF format☆72Updated 3 months ago
- Feed Generator for MISP☆19Updated last year
- ☆28Updated last year
- ☆41Updated 3 years ago
- MISP-STIX-Converter - Python library to handle the conversion between MISP and STIX formats☆47Updated this week
- Collection of useful, up to date, Carbon Black Response Queries☆82Updated 3 years ago
- txt2stix is a Python script that is designed to identify and extract IoCs and TTPs from text files, identify the relationships between th…☆21Updated 2 weeks ago
- Import specific data sources into the Sigma generic and open signature format.☆77Updated 2 years ago
- ☆83Updated 2 years ago
- Pulls IOCs from MISP and adds the to reference sets in QRadar☆33Updated last year
- Carbon Black Feeds☆70Updated last year
- InvestigationPlaybookSpec☆72Updated 6 years ago
- 📇 Digital Forensics Artifact Repository (forensicanalysis edition)☆71Updated 7 months ago
- stix-icons is a collection of colourful and clean icons for use in software, training and marketing material to visualize cyber threats a…☆32Updated last year
- Analyze binaries collected in VMware Carbon Black EDR against Yara rules.☆36Updated last year
- JSON schemas for validating CACAO Security Playbooks. Note: In December 2023, Cyentific AS offered and transferred the content of this re…☆18Updated 9 months ago
- An open source platform to support analysts to organise their case and tasks☆49Updated 2 weeks ago
- This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.☆93Updated 6 months ago
- ☆84Updated 4 months ago
- Open source training materials for law-enforcement and organisations interested in DFIR.☆55Updated 2 years ago
- Recon Hunt Queries☆76Updated 3 years ago
- This is a python tool aiming to make using TheHive webhooks easier.☆26Updated 3 years ago
- Converts Sigma detection rules to a Splunk alert configuration.☆105Updated 4 years ago
- Security Monitoring Resolution Categories☆138Updated 2 years ago
- 2021 SANS DFIR Summit: Greppin' Logs☆21Updated 3 years ago
- This repository is created to add value to existing Network Security Monitoring solutions.☆41Updated 8 years ago
- The FASTEST way to consume threat intel.☆62Updated last year
- Scripts for TheHive.☆22Updated 4 years ago