These are open source rules that can be utilized with QRadar to detect various types of threats in the environment.
☆59Jun 11, 2019Updated 6 years ago
Alternatives and similar repositories for QRCE-Rules
Users that are interested in QRCE-Rules are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Integrate IBM QRadar and RPA to automate security L1 tasks.☆14May 20, 2022Updated 4 years ago
- Scripts to automatically import threat intel into QRadar☆14Jun 20, 2019Updated 6 years ago
- NHSuite allows users to efficiently manage their QRadar Network Hierarchy. Utilizing the provided QRadar API, users can seamlessly export…☆26Jan 22, 2024Updated 2 years ago
- Unofficial third-party scripts, playbooks, and content for IBM QRadar & QRadar Community Edition.☆87May 8, 2025Updated last year
- This repository bundles various utilities and scripts I built for use with IBM QRadar SIEM☆16Jan 30, 2026Updated 3 months ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- These workflows are provided for sample usage, new submissions and updates from the community, and are NOT supported by IBM.☆51Apr 20, 2026Updated last month
- This is the One Stop place where you can several Detection Rules which can help you to kick start your journey on SIEM, SOC work.☆43Jun 27, 2021Updated 4 years ago
- ☆20Oct 23, 2020Updated 5 years ago
- Basic log analysis tool to detect impossible travel via IP address geographic information☆20Apr 29, 2019Updated 7 years ago
- Scripts and lists to help generate YARA friendly string mutations☆22Apr 9, 2023Updated 3 years ago
- A collection of Sigma rules organized by MITRE ATT&CK technique☆18Apr 1, 2026Updated last month
- vim, xmonad, xmobar, bashrc, bash profile and inits☆18Apr 7, 2023Updated 3 years ago
- Collection of scripts/resources/ideas for attack surface reduction and additional logging to enable better threat hunting on Windows endp…☆38Apr 5, 2024Updated 2 years ago
- Volatility plugin to search for all Autostart Extensibility Points (AESPs)☆10May 16, 2024Updated 2 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- ☆15Nov 4, 2020Updated 5 years ago
- Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactic and techniques☆433May 21, 2026Updated last week
- A series of cloud focused KQL queries for threat hunting and DFIR☆12Oct 21, 2025Updated 7 months ago
- Incognito Proxy chrome extension☆10Sep 27, 2023Updated 2 years ago
- Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management☆18Jan 24, 2024Updated 2 years ago
- Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems.☆17Oct 28, 2023Updated 2 years ago
- This is a script to import Cisco Talos's IP Blacklist into a Tag (Host Group) within Stealthwatch. This will also optionally create a Cu…☆11May 22, 2023Updated 3 years ago
- All about ransomware notes and extension files.☆14Aug 26, 2023Updated 2 years ago
- Example scripts and rules for use in Resilient playbooks.☆35Dec 15, 2023Updated 2 years ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- Security event correlation engine for ELK stack☆445Jun 26, 2024Updated last year
- Python client for McAfee ePolicy Orchestrator☆15Mar 12, 2021Updated 5 years ago
- Download a list of suspected malicious IPs and Domains. Create a QRadar Reference Set. Search Your Environment For Malicious IPs☆69Aug 13, 2021Updated 4 years ago
- Recovered samples, extracted Wasm/binaries, decoded payloads & analysis scripts from the Coruna iOS/macOS exploit kit (b27.icu). 28 JS mo…☆55May 9, 2026Updated 3 weeks ago
- A web scraper to create MISP events and reports☆17May 11, 2026Updated 2 weeks ago
- ☆17Oct 29, 2023Updated 2 years ago
- Google Cloud Security Command Center to Azure Sentinel Connector☆18Jul 15, 2023Updated 2 years ago
- not an exploit or a poc☆16Apr 15, 2022Updated 4 years ago
- Muteces (mutexes/mutants) used by various malware families☆24Nov 11, 2024Updated last year
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- QRadar Export the rule set for printing☆23Oct 23, 2017Updated 8 years ago
- Postman collections for interacting with Cisco Stealthwatch Enterprise APIs☆10Apr 26, 2023Updated 3 years ago
- QRadar AQL backend for converting Sigma rules to QRadar AQL queries☆14Sep 18, 2025Updated 8 months ago
- Windows HTTP协议栈远程代码执行漏洞 CVE-2021-31166☆19Nov 4, 2021Updated 4 years ago
- Useful resources about phishing email analysis☆87Jan 31, 2025Updated last year
- FIles and guides related to using Elasticstack as a SIEM☆12May 16, 2020Updated 6 years ago
- Community Detection Signature Build and Distribution Pipeline for YARA, Suricata, Snort and Sigma☆27Jun 20, 2023Updated 2 years ago