bfuzzy1 / auditd-attack
A Linux Auditd rule set mapped to MITRE's Attack Framework
☆87, updated 11 months ago
Related projects:
- Anything Sysmon related from the MSTIC R&D team (☆143, updated 3 months ago)
- SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac) (☆184, updated 3 years ago)
- SIEGMA - Transform Sigma rules into SIEM consumables (☆139, updated last year)
- Cisco Orbital - Osquery queries by Talos (☆122, updated 3 weeks ago)
- A CALDERA plugin (☆72, updated 3 months ago)
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository. (☆106, updated 4 years ago)
- simple YARA-based IOC scanner (☆162, updated 3 weeks ago)
- A Ruleset to enhance detection capabilities of Ossec using Sysmon (☆83, updated 2 years ago)
- Import specific data sources into the Sigma generic and open signature format. (☆77, updated 2 years ago)
- Converts Sigma detection rules to a Splunk alert configuration. (☆105, updated 4 years ago)
- Build an attack range in your local machine (☆130, updated last year)
- (no description) (☆78, updated 4 years ago)
- 🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools. (☆255, updated last year)
- (no description) (☆124, updated 9 months ago)
- Automated Use Case Testing (☆163, updated 6 years ago)
- Sigma rules from Joe Security (☆199, updated last month)
- attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage (☆110, updated last year)
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au… (☆60, updated 4 months ago)
- Technical add-on for Splunk related to TheHive/Cortex from TheHive project (☆47, updated 2 months ago)
- Splunk code (SPL) for serious threat hunters and detection engineers. (☆263, updated 8 months ago)
- Threat Hunting & Incident Investigation with Osquery (☆197, updated 2 years ago)
- Public Repo for Atomic Test Harness (☆244, updated 2 months ago)
- A curated list of awesome things related to TheHive & Cortex (☆170, updated 2 years ago)
- Automatically create YARA rules from malicious documents. (☆207, updated 2 years ago)
- Docker image for MISP (☆109, updated last week)
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator (☆83, updated last year)
- Convert Sigma rules to Wazuh rules (☆55, updated 5 months ago)
- Sigma Detection Rule Repository (☆84, updated 4 years ago)
- OSSEM Detection Model (☆166, updated last year)
- Detecting ATT&CK techniques & tactics for Linux