cisagov / parsnip
☆71, updated 4 months ago
Alternatives and similar repositories for parsnip
Users that are interested in parsnip are comparing it to the libraries listed below
- Repository that contains a set of purposefully erroneous Yara rules. ☆51, updated last year
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation. ☆51, updated 8 months ago
- Rules shared by the community from 100 Days of YARA 2025 ☆33, updated 5 months ago
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene… ☆75, updated last week
- Convert Sigma rules to SIEM queries, directly in your browser. ☆89, updated last week
- An index of publicly available and open-source threat detection rulesets. ☆114, updated 2 months ago
- ☆74, updated this week
- ☆26, updated 2 years ago
- Mapping of open-source detection rules and atomic tests. ☆168, updated 5 months ago
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research… ☆42, updated last month
- ☆92, updated last month
- Elastic version of SOC prime watcher rules ☆29, updated 8 months ago
- When good OAuth apps go rogue. Documents observed OAuth application tradecraft ☆77, updated 2 weeks ago
- Leveraging MISP indicators via a pDNS-based infrastructure as a poor man’s SOC. ☆51, updated 5 months ago
- Slides of my public talks ☆55, updated last year
- God Mode Detection Rules ☆134, updated 10 months ago
- Tools and scripts to deploy and manage OpenRelik instances ☆14, updated 2 weeks ago
- Baseline a Windows System against LOLBAS ☆27, updated last year
- This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam ☆27, updated 11 months ago
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners ☆96, updated 7 months ago
- SkillAegis is a platform to design, run, and monitor exercise scenarios, enhancing skills in applications like MISP and training users in… ☆30, updated 2 months ago
- A preconfigured Velociraptor triage collector ☆52, updated last week
- This repository contains the code and PCAPS used for the SANS webinar, "Hacking Proprietary Protocols" given on February 23, 2021. ☆34, updated 3 years ago
- This project aims to bridge the gap between Microsoft Attack Surface Reduction (ASR) rules and MITRE ATT&CK by mapping ASR rules to their… ☆26, updated 7 months ago
- Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indi… ☆107, updated 8 months ago
- Collection of scripts/resources/ideas for attack surface reduction and additional logging to enable better threat hunting on Windows endp… ☆38, updated last year
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on ☆82, updated last year
- DShield Sensor Log Collection with ELK ☆28, updated 2 weeks ago
- 🧰 ESXi Testing Tookit is a command-line utility designed to help security teams test ESXi detections. ☆76, updated 2 months ago
- create a "simulated internet" cyber range environment ☆17, updated last month