calebstewart / python-sigma

Related projects ⓘ

Alternatives and complementary repositories for python-sigma

• paladin316 / ThreatHunting
  This repo is where I store my Threat Hunting ideas/content
  ☆85Updated last year
• nasbench / C2-Matrix-Indicators
  This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix
  ☆72Updated 2 years ago
• thremulation-station / thremulation-station
  Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.
  ☆35Updated 11 months ago
• M3NIX / sigmaio
  simple webapp for converting sigma rules into siem queries using the pySigma library
  ☆47Updated last year
• BinaryDefense / YaraMemoryScanner
  Simple PowerShell script to enable process scanning with Yara.
  ☆90Updated 2 years ago
• hackjalstead / IRCP
  A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments
  ☆64Updated 2 years ago
• MHaggis / notes
  Full of public notes and Utilities
  ☆82Updated 2 months ago
• CrowdStrike / xwf-yara-scanner
  ☆84Updated 8 months ago
• mvelazc0 / PurpleTeamPlaybook
  Active Directory Purple Team Playbook
  ☆104Updated last year
• delivr-to / detections
  A home for detection content developed by the delivr.to team
  ☆59Updated 2 months ago
• mlgualtieri / PurpleTeamSummit
  ☆25Updated 3 years ago
• magicsword-io / LOLBASline
  Baseline a Windows System against LOLBAS
  ☆25Updated 6 months ago
• cybergoatpsyops / detections
  Placeholder for my detection repo and misc detection engineering content
  ☆43Updated last year
• NextronSystems / evtx-baseline
  A repository hosting example goodware evtx logs containing sample software installation and basic user interaction
  ☆68Updated 11 months ago
• DefensiveOrigins / DO-LAB
  ☆43Updated 3 weeks ago
• BushidoUK / Abused-Legitimate-Services
  Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups
  ☆57Updated 2 years ago
• PlumHound / PlumHound-Tasks
  Community Tasks/Plans for PlumHound Queueing
  ☆23Updated last year
• center-for-threat-informed-defense / attack-powered-suit
  ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte…
  ☆72Updated last week
• NVISOsecurity / nviso-cti
  ☆41Updated 7 months ago
• svch0stz / TheThreatHuntLibrary
  Library of threat hunts to get any user started!
  ☆40Updated 4 years ago
• alwashali / detection-validation
  Detection rule validation
  ☆41Updated last year
• Neo23x0 / ThreatResearch-Reporting-Guide
  Offensive Research Guide to Help Defense Improve Detection
  ☆29Updated last year
• freeload101 / Bloodhound-Portable
  Bloodhound Portable for Windows
  ☆51Updated last year
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆50Updated 4 months ago
• ashemery / WindowsDFIR
  Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or event…
  ☆75Updated 3 years ago
• ssnkhan / adversarial-threat-modelling
  Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop
  ☆56Updated 3 weeks ago
• mattnotmax / DFIR-notes
  Random notes collected on the intertubes relating to DFIR
  ☆32Updated last year
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆62Updated 2 years ago
• CyberSecurityUP / Adversary-Emulation-Matrix
  ☆61Updated 3 years ago