dfir-ronin / APT-OpenIOC-Detection-RulesLinks
This repository contains OpenIOC rules to aid in hunting for indicators of compromise and TTPs focused on Advanced Persistent Threat groups.
☆25Updated 2 years ago
Alternatives and similar repositories for APT-OpenIOC-Detection-Rules
Users that are interested in APT-OpenIOC-Detection-Rules are comparing it to the libraries listed below
Sorting:
- Library of threat hunts to get any user started!☆45Updated 5 years ago
- Security Content for the PEAK Threat Hunting Framework☆39Updated last year
- simple webapp for converting sigma rules into siem queries using the pySigma library☆51Updated 2 years ago
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise☆67Updated last year
- pySigma Splunk backend☆41Updated 2 months ago
- This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports☆73Updated 3 months ago
- ☆11Updated 2 years ago
- A collection of tips for using MISP.☆74Updated 10 months ago
- User Feedback Space of #MitreAssistant☆38Updated 2 years ago
- Jupyter Notebooks for Cyber Threat Intelligence☆35Updated 2 years ago
- yara detection rules for hunting with the threathunting-keywords project☆150Updated 5 months ago
- Intel Retrieval Augmented Generation (RAG) Utilities☆90Updated last year
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆81Updated 3 weeks ago
- Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems.☆17Updated last year
- Threat Detection & Anomaly Detection rules for popular open-source components☆53Updated 3 years ago
- Sigma detection rules for hunting with the threathunting-keywords project☆56Updated 7 months ago
- ShellSweeping the evil.☆53Updated last year
- ☆21Updated 3 years ago
- Cyber Threats Detection Rules☆14Updated last month
- 100 Days of YARA to be updated with rules & ideas as the year progresses☆60Updated 2 years ago
- ☆22Updated 2 years ago
- Slides of my public talks☆56Updated last year
- An Adaptive Misuse Detection System☆44Updated 11 months ago
- Threat Detection Rules (Snort/Sigma/Yara)☆14Updated last year
- YARA rule analyzer to improve rule quality and performance☆104Updated 6 months ago
- ☆44Updated 3 months ago
- Automated detection rule analysis utility☆29Updated 3 years ago
- Further investigation in to APT campaigns disclosed by private security firms and security agencies☆87Updated 3 years ago
- Detection Engineering with YARA☆87Updated last year
- ☆88Updated 2 months ago