cea-sec / openwec

Related projects ⓘ

Alternatives and complementary repositories for openwec

• certeu / droid
  A pySigma wrapper to manage detection rules.
  ☆27Updated this week
• openrelik / openrelik-server
  The core backend server handling API requests and task management
  ☆31Updated this week
• sebdraven / IOCmite
  Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert
  ☆37Updated 2 years ago
• StamusNetworks / suricata-language-server
  Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…
  ☆63Updated last month
• cudeso / misp-tip-of-the-week
  A collection of tips for using MISP.
  ☆74Updated 7 months ago
• AttackIQ / SigmAIQ
  A pySigma wrapper and langchain toolkit for automatic rule creation/translation
  ☆66Updated this week
• microsoft / MSTIC-Sysmon
  Anything Sysmon related from the MSTIC R&D team
  ☆146Updated 5 months ago
• DFIR-ORC / dfir-orc-config
  Configurations for DFIR ORC
  ☆24Updated 7 months ago
• SigmaHQ / pySigma-backend-splunk
  pySigma Splunk backend
  ☆34Updated 7 months ago
• Cisco-Talos / osquery_queries
  Cisco Orbital - Osquery queries by Talos
  ☆122Updated 2 months ago
• j91321 / MISP2memcached
  Load MISP events into memcached for log enrichment using logstash
  ☆12Updated 4 years ago
• redcanaryco / redcanary-ebpf-sensor
  Red Canary's eBPF Sensor
  ☆101Updated 4 months ago
• NextronSystems / evtx-baseline
  A repository hosting example goodware evtx logs containing sample software installation and basic user interaction
  ☆68Updated 11 months ago
• cerebrate-project / cerebrate
  Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other se…
  ☆83Updated 3 weeks ago
• SigmaHQ / sigma-cli
  The Sigma command line interface based on pySigma
  ☆134Updated 3 months ago
• sandialabs / gait
  Zeek Extension to Collect Metadata for Profiling of Endpoints and Proxies
  ☆25Updated 7 months ago
• sttor / awesome-osquery
  Osquery Resources
  ☆59Updated 5 years ago
• swisscom / ArtifactCollectionMatrix
  Forensic Artifact Collection Tool Matrix
  ☆73Updated 2 years ago
• airbus-cert / Splunk-ETW
  A Splunk Technology Add-on to forward filtered ETW events.
  ☆30Updated 4 years ago
• olafhartong / sysmon-modular-linux
  A repository of Sysmon For Linux configuration modules
  ☆15Updated 3 years ago
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆50Updated 4 months ago
• zeek / zeek-agent-v2
  Open source endpoint agent providing host information to Zeek. [v2]
  ☆65Updated 2 weeks ago
• bfuzzy1 / auditd-attack
  A Linux Auditd rule set mapped to MITRE's Attack Framework
  ☆89Updated last year
• LaresLLC / SysmonConfigPusher
  Pushes Sysmon Configs
  ☆89Updated 3 years ago
• sumeshi / evtx2es
  A library for fast parse & import of Windows Eventlogs into Elasticsearch.
  ☆80Updated 4 months ago
• SanWieb / sigWah
  A Sigma to Wazuh / OSSEC converter including a generated Windows Sysmon ruleset
  ☆33Updated 4 years ago
• OTRF / Set-AuditRule
  Useful access control entries (ACE) on system access control list (SACL) of securable objects to find potential adversarial activity
  ☆88Updated 2 years ago
• 00010111 / smbtimeline
  ☆31Updated 3 weeks ago
• mgreen27 / DetectRaptor
  A repository to share publicly available Velociraptor detection content
  ☆119Updated this week