bfuzzy / auditd-attackLinks
A Linux Auditd rule set mapped to MITRE's Attack Framework
☆792Updated 4 years ago
Alternatives and similar repositories for auditd-attack
Users that are interested in auditd-attack are comparing it to the libraries listed below
Sorting:
- Mapping the MITRE ATT&CK Matrix with Osquery☆794Updated 2 years ago
- A repository for using osquery for incident detection and response☆849Updated 2 years ago
- ☆1,073Updated 6 years ago
- An information security preparedness tool to do adversarial simulation.☆1,123Updated 6 years ago
- Detecting ATT&CK techniques & tactics for Linux☆258Updated 4 years ago
- Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs☆722Updated 5 years ago
- Actionable analytics designed to combat threats☆986Updated 3 years ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.☆917Updated last year
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts☆1,156Updated last year
- A utility to safely generate malicious network traffic patterns and evaluate controls.☆1,310Updated last year
- Modular file scanning/analysis framework☆618Updated 5 years ago
- Automated deployment scripts for the RockNSM network hunting distribution.☆453Updated last year
- Create actionable data from your Vulnerability Scans☆1,380Updated 2 years ago
- Suricata, Snort and Zeek IDS rule and pcap testing system☆479Updated last week
- A set of Zeek scripts to detect ATT&CK techniques.☆592Updated 11 months ago
- Open Source Security Events Metadata (OSSEM)☆1,266Updated 2 years ago
- FireEye Publicly Shared Indicators of Compromise (IOCs)☆465Updated 6 years ago
- Machinae Security Intelligence Collector☆523Updated last year
- An analytical framework for network traffic and behavioral analytics☆452Updated 2 years ago
- A collection of sources of indicators of compromise.☆864Updated 3 weeks ago
- Virtual Machine for Adversary Emulation and Threat Hunting☆1,277Updated 4 months ago
- Online hash checker for Virustotal and other services☆825Updated 2 months ago
- Deception based detection techniques mapped to the MITRE’s ATT&CK framework☆289Updated 7 years ago
- 16,432 Free Yara rules created by☆383Updated 6 years ago
- CRITs - Collaborative Research Into Threats☆902Updated 5 years ago
- The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs).☆544Updated 2 years ago
- Real-time, container-based file scanning at enterprise scale☆925Updated last week
- Incident Response Methodologies☆1,024Updated 6 years ago
- Documentation of TheHive☆397Updated last year
- A Python package to interact with the Mitre ATT&CK Framework☆476Updated last year