cea-sec / openwecLinks
An implementation of a Windows Event Collector server running on GNU/Linux.
☆83Updated last month
Alternatives and similar repositories for openwec
Users that are interested in openwec are comparing it to the libraries listed below
Sorting:
- A pySigma wrapper to manage detection rules.☆43Updated 2 months ago
- Powershell module for VMWare vSphere forensics☆156Updated last year
- The core backend server handling API requests and task management☆49Updated last month
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆83Updated last month
- Forensic Artifact Collection Tool Matrix☆91Updated last year
- pySigma Elasticsearch backend☆54Updated last month
- Anything Sysmon related from the MSTIC R&D team☆155Updated last year
- LOKI2 - Simple IOC and YARA Scanner☆106Updated 5 months ago
- pySigma Splunk backend☆41Updated 3 months ago
- Synthetic Adversarial Log Objects: A Framework for synthentic log generation☆85Updated last year
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene…☆94Updated last month
- Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indi…☆108Updated last year
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365☆23Updated last year
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.☆166Updated last month
- The Sigma command line interface based on pySigma☆166Updated 2 weeks ago
- MDE relies on some of the Audit settings to be enabled☆100Updated 3 years ago
- A collection of tips for using MISP.☆75Updated 11 months ago
- ☆104Updated 4 months ago
- Provides an advanced input.conf file for Windows and 3rd party related software with more than 70 different event log mapped to the MITRE…☆93Updated 5 months ago
- Algorithme d'apprentissage statistique permettant de créer un modèle sur les lignes de commandes des évènements "Création de Processus", …☆83Updated last year
- Scripts to integrate DFIR-IRIS, MISP and TimeSketch☆34Updated 3 years ago
- This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.☆117Updated 2 years ago
- Venture: Cross-Platform GUI tool for parsing and analyzing Windows event logs☆91Updated 10 months ago
- An open source platform to support analysts to organise their case and tasks☆110Updated 2 weeks ago
- Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert☆36Updated 3 years ago
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…☆51Updated 6 months ago
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation☆88Updated 3 weeks ago
- Pushes Sysmon Configs☆88Updated 4 years ago
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆56Updated 2 years ago
- ☆53Updated last year