cea-sec / openwecLinks
An implementation of a Windows Event Collector server running on GNU/Linux.
☆77Updated last week
Alternatives and similar repositories for openwec
Users that are interested in openwec are comparing it to the libraries listed below
Sorting:
- pySigma Elasticsearch backend☆54Updated last week
- A pySigma wrapper to manage detection rules.☆41Updated last month
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆80Updated 4 months ago
- Forensic Artifact Collection Tool Matrix☆90Updated 10 months ago
- Venture: Cross-Platform GUI tool for parsing and analyzing Windows event logs☆91Updated 8 months ago
- Powershell module for VMWare vSphere forensics☆155Updated 10 months ago
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.☆160Updated 7 months ago
- The core backend server handling API requests and task management☆47Updated this week
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene…☆87Updated 2 weeks ago
- Anything Sysmon related from the MSTIC R&D team☆156Updated last year
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation☆84Updated 4 months ago
- The Sigma command line interface based on pySigma☆159Updated 3 weeks ago
- SOARCA - The Open Source CACAO-based Security Orchestrator!☆82Updated 3 weeks ago
- LOKI2 - Simple IOC and YARA Scanner☆102Updated 2 months ago
- ☆101Updated 2 months ago
- A repository to share publicly available Velociraptor detection content☆186Updated last week
- A collection of tips for using MISP.☆74Updated 9 months ago
- pySigma Splunk backend☆41Updated 3 weeks ago
- Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indi…☆109Updated 11 months ago
- Automated YARA Rule Standardization and Quality Assurance Tool☆242Updated this week
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…☆48Updated 4 months ago
- A repository of my own Sigma detection rules.☆161Updated last year
- Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with …☆130Updated last year
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365☆23Updated 11 months ago
- ☆53Updated last year
- A list of RMMs designed to be used in automation to build alerts☆112Updated 5 months ago
- This repository contains supplemental items including IOCs, and signatures discussed in Huntress blogposts, and other media.☆42Updated 2 months ago
- Convert Sigma rules to SIEM queries, directly in your browser.☆96Updated this week
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆54Updated 2 years ago
- An opensource sigma conversion tool built using pysigma☆133Updated 3 weeks ago