dfir-ronin / APT-OpenIOC-Detection-RulesLinks
This repository contains OpenIOC rules to aid in hunting for indicators of compromise and TTPs focused on Advanced Persistent Threat groups.
☆24Updated last year
Alternatives and similar repositories for APT-OpenIOC-Detection-Rules
Users that are interested in APT-OpenIOC-Detection-Rules are comparing it to the libraries listed below
Sorting:
- Library of threat hunts to get any user started!☆44Updated 4 years ago
- Merge of two major cyber adversary datasets, MITRE ATT&CK and ETDA/ThaiCERT Threat Actor Cards, enabling victim/motivation-adversary-tech…☆54Updated 2 years ago
- Placeholder for my detection repo and misc detection engineering content☆43Updated last year
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆78Updated 2 weeks ago
- ShellSweeping the evil.☆52Updated 11 months ago
- Sigma detection rules for hunting with the threathunting-keywords project☆55Updated 2 months ago
- VelociraptorMCP is a Model Context Protocol bridge for exposing LLMs to MCP clients.☆27Updated this week
- ☆11Updated last year
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- Threat Detection Rules (Snort/Sigma/Yara)☆13Updated last year
- Contains compiled binaries of Volatility☆33Updated 2 weeks ago
- An Adaptive Misuse Detection System☆40Updated 6 months ago
- Security Content for the PEAK Threat Hunting Framework☆29Updated last year
- Automated detection rule analysis utility☆29Updated 2 years ago
- yara detection rules for hunting with the threathunting-keywords project☆120Updated 3 weeks ago
- Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.☆18Updated last year
- ☆19Updated 3 years ago
- Quick ESXi Log Parser☆20Updated 4 months ago
- Threat Detection & Anomaly Detection rules for popular open-source components☆52Updated 2 years ago
- This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports☆73Updated 6 months ago
- User Feedback Space of #MitreAssistant☆37Updated 2 years ago
- Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems.☆15Updated last year
- Indicators of Compromise (IOCs) accompanying HP Threat Research blog posts and reports.☆29Updated last year
- A collection of Sigma rules organized by MITRE ATT&CK technique☆17Updated 3 years ago
- Cyber Threats Detection Rules☆14Updated last week
- Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" json files.☆35Updated 2 years ago
- An experimental Velociraptor implementation using cloud infrastructure☆25Updated last week
- Modular malware analysis artifact collection and correlation framework☆53Updated last year
- A MITRE Caldera plugin☆43Updated 6 months ago
- Links to malware-related YARA rules☆15Updated 2 years ago