amalone341 / YARA-L-Work

Related projects ⓘ

Alternatives and complementary repositories for YARA-L-Work

• OTRF / infosec-jupyterthon
  A community event for security researchers to share their favorite notebooks
  ☆106Updated 9 months ago
• remg427 / misp42splunk
  A Splunk app to use MISP in background
  ☆109Updated 3 weeks ago
• redcanaryco / redcanary-response-utils
  Tools to automate and/or expedite response.
  ☆113Updated 4 months ago
• redcanaryco / surveyor
  A cross-platform baselining, threat hunting, and attack surface analysis tool for security teams.
  ☆182Updated this week
• OTRF / SimuLand
  Cloud Templates and scripts to deploy mordor environments
  ☆127Updated 3 years ago
• ReconInfoSec / rhq
  Recon Hunt Queries
  ☆75Updated 3 years ago
• P4T12ICK / Sigma-Hunting-App
  A Splunk App containing Sigma detection rules, which can be updated from a Git repository.
  ☆107Updated 4 years ago
• SigmaHQ / cookiecutter-pySigma-backend
  pySigma Cookiecutter backend template
  ☆21Updated last week
• gertjanbruggink / metrics
  This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.
  ☆97Updated this week
• P4T12ICK / Sigma-Rule-Repository
  Sigma Detection Rule Repository
  ☆85Updated 4 years ago
• dstaulcu / TA-Sigma-Searches
  A Splunk app with saved reports derived from Sigma rules
  ☆72Updated 6 years ago
• HASecuritySolutions / LogCampaign
  Provides detection capabilities and log conversion to evtx or syslog capabilities
  ☆52Updated 2 years ago
• SecurityNik / Data-Science-and-ML
  ☆31Updated 3 months ago
• OTRF / OSSEM-CDM
  OSSEM Common Data Model
  ☆54Updated 2 years ago
• Cisco-Talos / osquery_queries
  Cisco Orbital - Osquery queries by Talos
  ☆123Updated 2 months ago
• MISP / misp-cloud
  misp-cloud - Cloud-ready images of MISP
  ☆72Updated 2 years ago
• OTRF / OSSEM-DM
  OSSEM Detection Model
  ☆168Updated 2 years ago
• OTRF / infosec-jupyter-book
  The Infosec Community Definitive Guide to Jupyter Notebooks
  ☆115Updated 4 years ago
• pan-unit42 / playbook_viewer
  ☆168Updated 4 months ago
• k-bailey / detection-engineering-maturity-matrix
  ☆87Updated 2 years ago
• MHaggis / CBR-Queries
  Collection of useful, up to date, Carbon Black Response Queries
  ☆83Updated 4 years ago
• center-for-threat-informed-defense / attack_to_veris
  🚨ATTENTION🚨 The VERIS mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here …
  ☆71Updated 7 months ago
• Foundstone / ExpertInvestigationGuides
  Expert Investigation Guides
  ☆50Updated 3 years ago
• Intellisec-Solutions / Sentinel2D3FEND
  This code snippet retrieves Azure Sentinel rules that are mapped to MITRE ATT&CK Framework and generates the related MITRE D3FEND defense…
  ☆66Updated 3 years ago
• d3sre / Use_Case_Applicability
  Security Monitoring Resolution Categories
  ☆138Updated 2 years ago
• megan201296 / gsuite-dfir
  ☆41Updated 3 years ago
• annamcabee / Mitre-Attack-API
  Python module to interact with the MITRE attack framework via the MITRE API
  ☆73Updated 7 years ago
• carbonblack / cbfeeds
  Carbon Black Feeds
  ☆70Updated last year
• RH-ISAC / PyOTI
  Python library for threat intelligence
  ☆80Updated 4 months ago