cea-sec / openwecLinks
An implementation of a Windows Event Collector server running on GNU/Linux.
☆77Updated last week
Alternatives and similar repositories for openwec
Users that are interested in openwec are comparing it to the libraries listed below
Sorting:
- A pySigma wrapper to manage detection rules.☆41Updated last week
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆80Updated 3 months ago
- pySigma Elasticsearch backend☆54Updated this week
- The core backend server handling API requests and task management☆46Updated this week
- Powershell module for VMWare vSphere forensics☆155Updated 9 months ago
- Forensic Artifact Collection Tool Matrix☆89Updated 9 months ago
- Anything Sysmon related from the MSTIC R&D team☆156Updated last year
- LOKI2 - Simple IOC and YARA Scanner☆102Updated 2 months ago
- The Sigma command line interface based on pySigma☆158Updated this week
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene…☆86Updated this week
- Automated YARA Rule Standardization and Quality Assurance Tool☆239Updated this week
- pySigma Splunk backend☆41Updated last week
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.☆156Updated 6 months ago
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation☆84Updated 3 months ago
- SOARCA - The Open Source CACAO-based Security Orchestrator!☆78Updated this week
- A collection of tips for using MISP.☆74Updated 8 months ago
- Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indi…☆109Updated 10 months ago
- Algorithme d'apprentissage statistique permettant de créer un modèle sur les lignes de commandes des évènements "Création de Processus", …☆83Updated last year
- VelociraptorMCP is a Model Context Protocol bridge for exposing LLMs to MCP clients.☆45Updated 2 weeks ago
- OSSEM Data Dictionaries☆62Updated 7 months ago
- This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.☆113Updated last year
- Synthetic Adversarial Log Objects: A Framework for synthentic log generation☆84Updated last year
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆54Updated 2 years ago
- A repository to share publicly available Velociraptor detection content☆187Updated last week
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆86Updated 6 months ago
- Venture: Cross-Platform GUI tool for parsing and analyzing Windows event logs☆90Updated 7 months ago
- ☆101Updated last month
- Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with …☆128Updated last year
- Provides an advanced input.conf file for Windows and 3rd party related software with more than 70 different event log mapped to the MITRE…☆94Updated 2 months ago
- Convert Sigma rules to SIEM queries, directly in your browser.☆94Updated last week