OSSEC Decoder & Rulesets for Sysmon Events
☆15Jul 23, 2015Updated 10 years ago
Alternatives and similar repositories for Sysmon_OSSEC
Users that are interested in Sysmon_OSSEC are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Integrating Sysinternals Autoruns’ logs into Security Onion☆31Feb 20, 2024Updated 2 years ago
- Time-Machine Dynamic Bulk Packet Recorder☆36Apr 21, 2025Updated 11 months ago
- V1.0☆14Aug 8, 2016Updated 9 years ago
- Currently not updated for WMIEvent module...☆262Feb 23, 2016Updated 10 years ago
- Process HTTP Pcaps With YARA☆108Jul 29, 2013Updated 12 years ago
- Volatility plugins☆12Feb 19, 2015Updated 11 years ago
- ☆11Oct 16, 2022Updated 3 years ago
- Active Response plugin. Osquery to execute wazuh/ossec active response plugins. You can write your own plugins, easy to plug☆11Jun 20, 2020Updated 5 years ago
- Scandiff is a PowerShell script to automate host discovery and scanning with nmap. After discovering and scanning hosts, scandiff perfor…☆18Oct 29, 2014Updated 11 years ago
- Logging plugin to bro to send logs to a Kafka broker☆20Nov 29, 2017Updated 8 years ago
- This is a simple Python script that connects to a MISP instance and retrieves attributes of specific types (such as IP addresses, URLs, a…☆16Feb 6, 2023Updated 3 years ago
- ☆13Oct 7, 2019Updated 6 years ago
- Python interface to the CRITs API☆22Mar 10, 2017Updated 9 years ago
- Detect Phishing with Bro IDS☆18Feb 1, 2017Updated 9 years ago
- This is a repository from Adam Swan and I's presentation on Windows Logs Zero 2 Hero.☆22Jan 30, 2018Updated 8 years ago
- ☆11Mar 17, 2015Updated 11 years ago
- Setup script for Red Teams☆14Apr 7, 2025Updated 11 months ago
- Modified edition of cuckoo☆18Feb 14, 2018Updated 8 years ago
- VirusTotal SIEM Integration and Automation☆18Jan 16, 2017Updated 9 years ago
- Configurations to implement Wazuh☆12Nov 28, 2022Updated 3 years ago
- Expandable Defensive Cyber Operations Platform☆44Sep 28, 2022Updated 3 years ago
- This project contains code for comparing or ranking APT capabilities and operational capacity. The metrics are meant to quantify, rank, o…☆35Feb 27, 2019Updated 7 years ago
- A website and framework for testing NIDS detection☆57Aug 29, 2021Updated 4 years ago
- Maltego transforms for the ThreatCrowd search API☆47Apr 11, 2018Updated 7 years ago
- OSCP Scripts☆14Jan 21, 2016Updated 10 years ago
- This repository is created to add value to existing Network Security Monitoring solutions.☆42Sep 20, 2016Updated 9 years ago
- Our collection of Wazuh detection rules for our Offense Lab☆18Feb 13, 2022Updated 4 years ago
- ☆16Updated this week
- Dockerfiles for NSM tools☆84Apr 14, 2017Updated 8 years ago
- Carve NTFS USN records from binary data☆27May 21, 2017Updated 8 years ago
- ☆25Oct 14, 2017Updated 8 years ago
- Bro scripts written by CrowdStrike Services☆150May 3, 2021Updated 4 years ago
- Log newly created WMI consumers and processes to the Windows Application event log☆124Feb 28, 2018Updated 8 years ago
- Script for generating Bro intel files from pdf or html reports☆77Dec 7, 2015Updated 10 years ago
- Lists of sources and utilities utilized to hunt, detect and prevent evildoers.☆168Dec 10, 2018Updated 7 years ago
- Scans a list of raccoon servers from Tria.ge and extracts the config☆15Jun 5, 2023Updated 2 years ago
- Wrapper for TSK (Sleuth Kit) Bindings☆12Jan 10, 2023Updated 3 years ago
- Scripts for Bro IDS and ELK Stack☆57Sep 2, 2015Updated 10 years ago
- module for osquery to load Bro logs into tables☆28Apr 28, 2015Updated 10 years ago