chronicle / content-hub
Chronicle Content Marketplace
☆31, updated this week
Alternatives and similar repositories for content-hub
Users who are interested in content-hub are comparing it to the repositories listed below.
- The CrowdStrike Falcon SDK for Python (☆463, updated 3 weeks ago)
- Open Source Security Operations Center Documentation (☆206, updated 7 months ago)
- This repository contains Community and Field contributed content for LogScale (☆312, updated this week)
- A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes. (☆758, updated 2 weeks ago)
- A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 D… (☆751, updated 5 months ago)
- KQL Queries. Microsoft Defender, Microsoft Sentinel (☆814, updated 2 weeks ago)
- This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple… (☆743, updated last year)
- PowerShell Digital Forensics & Incident Response Scripts. (☆758, updated 2 weeks ago)
- KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunt… (☆1,626, updated last week)
- Splunk Boss of the SOC version 3 dataset. (☆402, updated 5 years ago)
- Interactive Azure Sentinel Notebooks provides security insights and actions to investigate anomalies and hunt for malicious behaviors. (☆613, updated 3 months ago)
- A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID (☆571, updated last month)
- Open source templates you can use to bootstrap your security programs (☆885, updated last month)
- Hunting queries and detections (☆876, updated 3 months ago)
- A pipeline for ingesting Jumpcloud directory events into Wazuh (☆17, updated last year)
- Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation o… (☆1,119, updated last month)
- Python library to parse and convert Sigma rules into queries (and whatever else you could imagine) (☆519, updated last week)
- Threat Hunting query in Microsoft 365 Defender, XDR. Provide out-of-the-box KQL hunting queries - App, Email, Identity and Endpoint. (☆484, updated last year)
- Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by devel… (☆710, updated 2 months ago)
- A curated list of blogs, videos, tutorials, queries and anything else valuable to help you learn and master KQL and Microsoft Sentinel (☆240, updated 2 years ago)
- The Microsoft Sentinel Triage AssistanT (STAT) enables easy to create incident triage automation in Microsoft Sentinel (☆275, updated 3 weeks ago)
- A comprehensive collection of cybersecurity information sources, news providers, and security resources. (☆157, updated last year)
- A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as … (☆419, updated 5 months ago)
- An open repository of rules written in the eXtraction and Processing (XP) language (☆28, updated 4 months ago)
- (no description) (☆165, updated 2 months ago)
- Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactic and techniques (☆411, updated 2 months ago)
- Intro Labs Remastered (☆34, updated 10 months ago)
- IRIS Module to Run Any Velociraptor Artifact (☆15, updated 2 years ago)
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters … (☆296, updated last week)
- Collection of example YARA-L rules for use within Google Security Operations (☆471, updated last month)