OSSEC Decoder & Rulesets for Sysmon Events
☆15Jul 23, 2015Updated 10 years ago
Alternatives and similar repositories for Sysmon_OSSEC
Users that are interested in Sysmon_OSSEC are comparing it to the libraries listed below
Sorting:
- Integrating Sysinternals Autoruns’ logs into Security Onion☆31Feb 20, 2024Updated 2 years ago
- ☆11Oct 16, 2022Updated 3 years ago
- Volatility plugins☆12Feb 19, 2015Updated 11 years ago
- Time-Machine Dynamic Bulk Packet Recorder☆36Apr 21, 2025Updated 10 months ago
- Setup script for Red Teams☆14Apr 7, 2025Updated 10 months ago
- Process HTTP Pcaps With YARA☆108Jul 29, 2013Updated 12 years ago
- V1.0☆15Aug 8, 2016Updated 9 years ago
- Reading List for CSIRT Team Members☆17Oct 21, 2019Updated 6 years ago
- This is a simple Python script that connects to a MISP instance and retrieves attributes of specific types (such as IP addresses, URLs, a…☆16Feb 6, 2023Updated 3 years ago
- Tony's collection of powershell scripts, typically geared toward cybersec☆35Jan 16, 2026Updated last month
- Suricata Extreme Performance Tuning guide☆213Mar 15, 2018Updated 7 years ago
- ☆13Oct 7, 2019Updated 6 years ago
- This is a repository from Adam Swan and I's presentation on Windows Logs Zero 2 Hero.☆22Jan 30, 2018Updated 8 years ago
- Currently not updated for WMIEvent module...☆262Feb 23, 2016Updated 10 years ago
- OSCP Scripts☆14Jan 21, 2016Updated 10 years ago
- Scandiff is a PowerShell script to automate host discovery and scanning with nmap. After discovering and scanning hosts, scandiff perfor…☆17Oct 29, 2014Updated 11 years ago
- Python interface to the CRITs API☆22Mar 10, 2017Updated 8 years ago
- ☆16Dec 26, 2022Updated 3 years ago
- Modified edition of cuckoo☆18Feb 14, 2018Updated 8 years ago
- This repository is created to add value to existing Network Security Monitoring solutions.☆42Sep 20, 2016Updated 9 years ago
- Expandable Defensive Cyber Operations Platform☆44Sep 28, 2022Updated 3 years ago
- Various DFIR Tools☆27Jul 23, 2018Updated 7 years ago
- VirusTotal SIEM Integration and Automation☆18Jan 16, 2017Updated 9 years ago
- Logging plugin to bro to send logs to a Kafka broker☆20Nov 29, 2017Updated 8 years ago
- Maltego transforms for the ThreatCrowd search API☆47Apr 11, 2018Updated 7 years ago
- Dockerfiles for NSM tools☆84Apr 14, 2017Updated 8 years ago
- SSH & Basic Web Applications brute-forcing attempts are visible in your mailbox with this tool.☆19Jan 9, 2020Updated 6 years ago
- Created on 10th August 2017. Purpose of this Project is to note down every useful object I gained during the time I spent working on OSCP…☆19Feb 26, 2018Updated 8 years ago
- ☆25Oct 14, 2017Updated 8 years ago
- Mirror network traffic from one interface to another on Windows☆25Feb 26, 2020Updated 6 years ago
- Lists of sources and utilities utilized to hunt, detect and prevent evildoers.☆168Dec 10, 2018Updated 7 years ago
- uses keywords from alert logs to send SMS☆24Nov 20, 2015Updated 10 years ago
- Bro scripts written by CrowdStrike Services☆150May 3, 2021Updated 4 years ago
- bro on debian with elasticsearch support☆24Mar 27, 2017Updated 8 years ago
- A website and framework for testing NIDS detection☆57Aug 29, 2021Updated 4 years ago
- Scripts for Bro IDS and ELK Stack☆57Sep 2, 2015Updated 10 years ago
- Repository of scripts/tools that may be useful in Security Operations Centres (SOC)☆55Nov 25, 2020Updated 5 years ago
- Carve NTFS USN records from binary data☆27May 21, 2017Updated 8 years ago
- module for osquery to load Bro logs into tables☆28Apr 28, 2015Updated 10 years ago