davidljohnson / SigGen
☆14 · Updated 11 months ago
Alternatives and similar repositories for SigGen:
Users interested in SigGen are comparing it to the repositories listed below.
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research… ☆37 · Updated last month
- Anvilogic Forge ☆103 · Updated last week
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique ☆67 · Updated last year
- ForgeArmory provides TTPs that can be used with the TTPForge (https://github.com/facebookincubator/ttpforge). ☆108 · Updated 7 months ago
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation ☆78 · Updated 2 weeks ago
- The Event Maturity Matrix (EMM) is a comprehensive framework that provides clarity regarding the capabilities and nuances of SaaS audit l… ☆21 · Updated 7 months ago
- Pocket guide for core detection engineering concepts ☆28 · Updated last year
- An example of how to deploy a Detection-as-Code pipeline using Sigma rules, sigmac, GitLab CI, and Splunk. ☆55 · Updated 3 years ago
- Synthetic Adversarial Log Objects: a framework for synthetic log generation ☆81 · Updated last year
- Library of threat hunts to get any user started! ☆44 · Updated 4 years ago
- An open-source Sigma conversion tool built using pySigma ☆124 · Updated 4 months ago
- A cheatsheet of AWS CloudTrail events that can be used for incident response or detection engineering. ☆72 · Updated 11 months ago
- This directory features proven systems that demonstrate value to your threat-informed efforts using metrics. ☆111 · Updated 5 months ago
- A POC implementing Detection-as-Code with Terraform and Sumo Logic. ☆27 · Updated last year
- Sensor Mappings to ATT&CK is a collection of resources to assist cyber defenders with understanding which sensors and events can help det… ☆49 · Updated last month
- Intel Retrieval Augmented Generation (RAG) utilities ☆91 · Updated last year
- This CALDERA plugin converts Adversary Emulation Plans from the Center for Threat-Informed Defense ☆30 · Updated last month
- A preconfigured Velociraptor triage collector ☆51 · Updated this week
- Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" JSON files. ☆35 · Updated 2 years ago
- NOVA: The Prompt Pattern Matching ☆60 · Updated last week
- Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac… ☆88 · Updated last year
- Cloud Analytics helps defenders detect attacks on their cloud infrastructure by developing behavioral analytics for cloud platforms as we… ☆53 · Updated 2 years ago
- Extracts IoCs, TTPs and the relationships between them. Outputs a STIX 2.1 bundle. ☆53 · Updated this week
- Convert Sigma rules to SIEM queries, directly in your browser. ☆74 · Updated this week
- Small-scale threat emulation and detection range built on Elastic and Atomic Red Team. ☆38 · Updated last year
- An index of publicly available and open-source threat detection rulesets. ☆43 · Updated last week