Splunk Boss of the SOC v1 data set.
☆113Jun 13, 2018Updated 7 years ago
Alternatives and similar repositories for botsv1
Users that are interested in botsv1 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A Splunk app with saved reports derived from Sigma rules☆73Apr 24, 2018Updated 7 years ago
- ☆446Aug 8, 2024Updated last year
- Cerner's Splunk Cookbook☆31Aug 15, 2023Updated 2 years ago
- Yara rules I've written☆10Dec 9, 2015Updated 10 years ago
- ☆59May 1, 2019Updated 6 years ago
- ☆55Mar 2, 2022Updated 4 years ago
- An information security preparedness tool to do adversarial simulation.☆1,137Apr 1, 2019Updated 6 years ago
- Notes from my "Implementing a Kick-Butt Training Program: Blue Team GO!" talk☆14Mar 4, 2019Updated 7 years ago
- SSMA - Simple Static Malware Analyzer [This project is not maintained anymore by me]☆410Apr 21, 2020Updated 5 years ago
- Splunk code (SPL) for serious threat hunters and detection engineers.☆291Jan 15, 2024Updated 2 years ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.☆938Dec 12, 2023Updated 2 years ago
- A Python library to help with some common threat hunting data analysis operations☆142Apr 23, 2023Updated 2 years ago
- ☆349Mar 19, 2021Updated 5 years ago
- This project contains code for comparing or ranking APT capabilities and operational capacity. The metrics are meant to quantify, rank, o…☆35Feb 27, 2019Updated 7 years ago
- Technical add-on to ingest json formatted volatility memory analysis plugin outputs☆13May 21, 2018Updated 7 years ago
- Query and report user logons relations from MS Windows Security Events☆243Aug 9, 2018Updated 7 years ago
- ☆14May 30, 2018Updated 7 years ago
- A PowerShell script to interact with the MITRE ATT&CK Framework via its own API☆370Feb 7, 2019Updated 7 years ago
- Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)☆1,616Dec 10, 2018Updated 7 years ago
- ☆20Dec 23, 2021Updated 4 years ago
- Test Blue Team detections without running any attack.☆272May 2, 2024Updated last year
- InvestigationPlaybookSpec☆71Sep 26, 2017Updated 8 years ago
- Signature engine for all your logs☆172Nov 13, 2023Updated 2 years ago
- A Linux Auditd rule set mapped to MITRE's Attack Framework☆822Jul 8, 2020Updated 5 years ago
- ☆123Jan 27, 2022Updated 4 years ago
- Command-line Interface for Binar.ly☆39Jan 13, 2017Updated 9 years ago
- Mimikatz HashClash☆12May 8, 2015Updated 10 years ago
- ☆1,090May 1, 2019Updated 6 years ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆111Feb 6, 2020Updated 6 years ago
- DPS' Lightweight Investigation Notebook☆433Dec 31, 2023Updated 2 years ago
- CyCAT.org taxonomies☆15May 22, 2021Updated 4 years ago
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts☆1,174Jul 26, 2023Updated 2 years ago
- The Seeker of IOC☆131Oct 2, 2020Updated 5 years ago
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…☆4,501Jan 12, 2026Updated 2 months ago
- Simple SSH server that serves anonymous git repositories (read-only)☆11Oct 18, 2018Updated 7 years ago
- Exposing the Neutrino EK: All the Naughty Bits (BSidesLV16)☆16Oct 10, 2016Updated 9 years ago
- Cyber Defence Monitoring Course Suite :: Suricata, Bro, Moloch☆61Feb 20, 2017Updated 9 years ago
- Exporting MISP event attributes to yara rules usable with Thor apt scanner☆24Mar 27, 2017Updated 8 years ago
- A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook.☆252Jul 19, 2021Updated 4 years ago