A pySigma wrapper to manage detection rules.
☆45Mar 9, 2026Updated last week
Alternatives and similar repositories for droid
Users that are interested in droid are comparing it to the libraries listed below
Sorting:
- Indicators of compromise from to analysis and research by Nextron Threat Research team☆12Sep 17, 2025Updated 6 months ago
- Hundred Days of Yara Challenge☆12Jun 21, 2022Updated 3 years ago
- Storage for the IOCs I collect☆11Mar 26, 2025Updated 11 months ago
- A collection of tips for using MISP.☆76Dec 11, 2024Updated last year
- ☆44Nov 28, 2025Updated 3 months ago
- Globally distributed honeypots and HoneyNets IOCs and file reversing☆16Apr 22, 2024Updated last year
- A Zeek package that detects Zoom logins and meeting joins☆12Apr 15, 2020Updated 5 years ago
- API Hashing and String Decryption Reverse Engineering Workshop☆20Jul 26, 2023Updated 2 years ago
- An opensource sigma conversion tool built using pysigma☆163Feb 9, 2026Updated last month
- The CRATOS proxy API integrates with your MISP instance and allows to extract indicators that can be consumed by security components such…☆13Sep 21, 2025Updated 6 months ago
- Experiments involving the Windows Hypervisor Platform☆23Jun 24, 2020Updated 5 years ago
- ☆12Aug 13, 2018Updated 7 years ago
- Load MISP events into memcached for log enrichment using logstash☆12Jul 10, 2020Updated 5 years ago
- Vuls Beater for Elasticsearch - connecting vuls☆17Dec 15, 2020Updated 5 years ago
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation☆92Nov 3, 2025Updated 4 months ago
- Repo for Automations and other solutions for Elastic SIEM/Security.☆18Jun 15, 2021Updated 4 years ago
- ☆15Nov 25, 2021Updated 4 years ago
- Sighting DB is designed to scale writing and reading a count of attributes, tracking when if was first and last seen☆17Apr 11, 2024Updated last year
- ☆39Updated this week
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt☆40Jun 20, 2023Updated 2 years ago
- Windows Application Attack Surface Analyzer☆24Feb 22, 2024Updated 2 years ago
- Malware detonation platform Polygon integration☆10Aug 1, 2023Updated 2 years ago
- Volatility 3 Plugins☆21Oct 3, 2022Updated 3 years ago
- MDE/MDI Defender setup for Ludus☆54Mar 14, 2026Updated last week
- A geolocation button for streamlit☆19Nov 18, 2023Updated 2 years ago
- Maltego local and server integration for OpenCTI☆31Mar 6, 2026Updated 2 weeks ago
- A dynamic inventory script for Ansible that interacts with the Nutanix API☆27Feb 10, 2017Updated 9 years ago
- VelociraptorMCP is a Model Context Protocol bridge for exposing LLMs to MCP clients.☆73Aug 20, 2025Updated 7 months ago
- Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets☆143Oct 12, 2020Updated 5 years ago
- Klara docker compose☆11May 19, 2020Updated 5 years ago
- This repo contains a list of vendors that hide their security advisories, alerts, notices, vulnerabilities, and more behind either a payw…☆32May 11, 2024Updated last year
- ☆16Aug 29, 2025Updated 6 months ago
- Sample evtx files to use for testing hayabusa detection rules☆65Nov 5, 2025Updated 4 months ago
- TCP Data Transfer Tool By ClumsyLulz☆12Feb 25, 2023Updated 3 years ago
- PyVelociraptor contains the python bindings for the Velociraptor API.☆21Feb 11, 2026Updated last month
- A repository to share publicly available Velociraptor detection content☆196Mar 15, 2026Updated last week
- A collection of helpful resources related to Cybersecurity and a lot more.☆25Feb 22, 2026Updated last month
- Documentation and scripts to properly enable Windows event logs.☆673Oct 3, 2025Updated 5 months ago
- The Sigma command line interface based on pySigma☆181Feb 5, 2026Updated last month