corelight / zeek-cheatsheets
Zeek Log Cheatsheets
☆ 292 · Updated 2 years ago
Alternatives and similar repositories for zeek-cheatsheets
Users interested in zeek-cheatsheets are comparing it to the repositories listed below.
- Splunk code (SPL) for serious threat hunters and detection engineers. ☆ 276 · Updated last year
- Zeek-Formatted Threat Intelligence Feeds ☆ 367 · Updated this week
- DetectionLabELK is a fork of DetectionLab with the ELK stack instead of Splunk. ☆ 562 · Updated 3 years ago
- Splunk Boss of the SOC version 2 dataset. ☆ 381 · Updated 2 years ago
- MISP trainings: threat intel and information sharing training materials with source code ☆ 408 · Updated last week
- A collection of intelligence about Log4Shell and its exploitation activity. ☆ 184 · Updated 3 years ago
- Passive service locator: a Python sniffer that identifies servers, clients, names and much more ☆ 251 · Updated 2 years ago
- This is a repository for freq.py and freq_server.py ☆ 208 · Updated 4 years ago
- User guide of MISP ☆ 268 · Updated 5 months ago
- SIEGMA - Transform Sigma rules into SIEM consumables ☆ 151 · Updated 2 months ago
- Beacon Kibana Executable Report. Aggregates Sysmon network events with Elasticsearch and Kibana ☆ 296 · Updated 8 months ago
- Build an attack range on your local machine ☆ 131 · Updated 2 years ago
- A set of Zeek scripts to detect ATT&CK techniques. ☆ 593 · Updated 11 months ago
- A list of my personal projects ☆ 177 · Updated 2 years ago
- A curated list of awesome things related to TheHive & Cortex ☆ 180 · Updated 3 years ago
- A data source assessment at the event level to show potential coverage of the MITRE ATT&CK framework ☆ 352 · Updated 4 years ago
- Consolidation of various resources related to Microsoft Sysmon & sample data/logs ☆ 110 · Updated 3 years ago
- This content is analysis and research of the data sources currently listed in ATT&CK. ☆ 409 · Updated last year
- Scripts and a (future) library to improve users' interactions with the ATT&CK content ☆ 585 · Updated last year
- Resources for SANS CTI Summit 2021 presentation ☆ 103 · Updated last year
- Misc Threat Hunting Resources ☆ 373 · Updated 2 years ago
- DFIRTrack - The Incident Response Tracking Application ☆ 498 · Updated 9 months ago
- Tools, techniques, cheat sheets, and other resources to assist those defending organizations and detecting adversaries ☆ 449 · Updated 3 years ago
- Home for Splunk security datasets. ☆ 125 · Updated 5 years ago
- Tools for simulating threats ☆ 185 · Updated last year
- A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook. ☆ 246 · Updated 3 years ago
- Threat-Intelligence Feeds & Tools & Frameworks ☆ 217 · Updated 11 months ago
- An awesome list of active defense resources ☆ 120 · Updated 4 years ago