bro / bro-osquery
Bro integration with osquery
☆14Updated last year
Related projects: ⓘ
- Detect kerberos attacks in pcap files☆27Updated 8 years ago
- ☆52Updated 5 years ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack☆15Updated 3 years ago
- Old home of LimaCharlie, open source EDR☆29Updated last year
- ☆27Updated this week
- OSSEM Modular☆27Updated 4 years ago
- Python parser for Red Canary's Atomic Red Team Yamls☆27Updated 5 years ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt☆36Updated last year
- Public rules and samples for various automations through LimaCharlie.io☆11Updated 2 years ago
- Threat Mapping Catalogue☆17Updated 3 years ago
- How to Zeek Sysmon Logs!☆100Updated 2 years ago
- Repository for my ATT&CK analysis research.☆68Updated 5 years ago
- pollen - A command-line tool for interacting with TheHive☆34Updated 5 years ago
- Notebooks created to attack and secure Active Directory environments☆27Updated 4 years ago
- Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that brings forward the nuances…☆64Updated last year
- Bro PCAP Processing and Tagging API☆27Updated 6 years ago
- This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project.☆33Updated 5 years ago
- Exports MISP events to STIX and ingest into McAfee ESM☆15Updated 4 years ago
- Information about most important hunts which can be performed by Threat hunters while searching for any adversary/threats inside the orga…☆15Updated 5 years ago
- Splunk App for MITRE Att&CK Navigator(TM)☆23Updated 3 years ago
- Matt's DFIR blog☆13Updated 10 months ago
- Cybersecurity Incidents Mind Maps☆32Updated 2 years ago
- Splunk app for Threat hunting☆15Updated 5 years ago
- A tool to assess data quality, built on top of the awesome OSSEM.☆76Updated 2 years ago
- ☆12Updated 4 years ago
- Automated detection rule analysis utility☆29Updated last year
- Presentation materials for talks I've given.☆20Updated 4 years ago
- Historical Observations of Actionable Reputation Data☆13Updated 6 years ago
- ☆33Updated 3 years ago
- BloodHound Cypher Queries Ported to a Jupyter Notebook☆53Updated 4 years ago