Splunk Boss of the SOC v1 data set.
☆113Jun 13, 2018Updated 7 years ago
Alternatives and similar repositories for botsv1
Users that are interested in botsv1 are comparing it to the libraries listed below
Sorting:
- A Splunk app with saved reports derived from Sigma rules☆73Apr 24, 2018Updated 7 years ago
- A Python library to help with some common threat hunting data analysis operations☆142Apr 23, 2023Updated 2 years ago
- Splunk code (SPL) for serious threat hunters and detection engineers.☆290Jan 15, 2024Updated 2 years ago
- This project contains code for comparing or ranking APT capabilities and operational capacity. The metrics are meant to quantify, rank, o…☆35Feb 27, 2019Updated 7 years ago
- ☆14May 30, 2018Updated 7 years ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.☆937Dec 12, 2023Updated 2 years ago
- ☆445Aug 8, 2024Updated last year
- Query and report user logons relations from MS Windows Security Events☆243Aug 9, 2018Updated 7 years ago
- Exporting MISP event attributes to yara rules usable with Thor apt scanner☆24Mar 27, 2017Updated 8 years ago
- CyCAT.org taxonomies☆15May 22, 2021Updated 4 years ago
- An information security preparedness tool to do adversarial simulation.☆1,139Apr 1, 2019Updated 6 years ago
- InvestigationPlaybookSpec☆71Sep 26, 2017Updated 8 years ago
- ☆349Mar 19, 2021Updated 4 years ago
- Detect possible sysmon logging bypasses given a specific configuration☆111Dec 26, 2018Updated 7 years ago
- A PowerShell script to interact with the MITRE ATT&CK Framework via its own API☆370Feb 7, 2019Updated 7 years ago
- The Seeker of IOC☆131Oct 2, 2020Updated 5 years ago
- SSMA - Simple Static Malware Analyzer [This project is not maintained anymore by me]☆410Apr 21, 2020Updated 5 years ago
- A collection of scripts to initialize a windows VM to run all the malwares!☆107Apr 3, 2020Updated 5 years ago
- Python module to use the MISP Taxonomies☆31Feb 19, 2026Updated last week
- Yara rules I've written☆10Dec 9, 2015Updated 10 years ago
- XXE injection (file disclosure) exploit for Apache OFBiz < 16.11.04☆13Oct 16, 2018Updated 7 years ago
- Elasticsearch/Kibana environment and log data for Sigma workshop☆26Dec 20, 2019Updated 6 years ago
- ☆19Sep 2, 2018Updated 7 years ago
- Searches For Threat Hunting and Security Analytics☆238Mar 26, 2025Updated 11 months ago
- ☆1,092May 1, 2019Updated 6 years ago
- Mimikatz HashClash☆12May 8, 2015Updated 10 years ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆111Feb 6, 2020Updated 6 years ago
- Cyber Defence Monitoring Course Suite :: Suricata, Bro, Moloch☆61Feb 20, 2017Updated 9 years ago
- Test Blue Team detections without running any attack.☆271May 2, 2024Updated last year
- Command-line Interface for Binar.ly☆39Jan 13, 2017Updated 9 years ago
- Cerner's Splunk Cookbook☆31Aug 15, 2023Updated 2 years ago
- A script to track malware IOCs with OSINT on Twitter.☆54May 3, 2024Updated last year
- A Linux Auditd rule set mapped to MITRE's Attack Framework☆822Jul 8, 2020Updated 5 years ago
- Automated, Collection, and Enrichment Platform☆324Nov 14, 2019Updated 6 years ago
- A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook.☆252Jul 19, 2021Updated 4 years ago
- DPS' Lightweight Investigation Notebook☆433Dec 31, 2023Updated 2 years ago
- A low to medium interaction honeypot.☆473Mar 21, 2024Updated last year
- ☆55Mar 2, 2022Updated 4 years ago
- IOC Management and Visualization Tool☆48Dec 8, 2022Updated 3 years ago