ebarti / cortex-xdr-client
A python-based API client for Cortex XDR API.
☆26, updated last week
Alternatives and similar repositories for cortex-xdr-client
Users that are interested in cortex-xdr-client are comparing it to the libraries listed below.
- The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders… (☆145, updated last week)
- Anything Sysmon related from the MSTIC R&D team (☆154, updated last year)
- ☆547, updated last year
- ☆160, updated last year
- ATT&CK Evaluations Library (☆68, updated 3 weeks ago)
- Threat Hunting queries for various attacks (☆237, updated last week)
- Provides an advanced input.conf file for Windows and 3rd party related software with more than 70 different event logs mapped to the MITRE… (☆91, updated 3 weeks ago)
- Protect your Domain Controllers by auditing and restricting LDAP requests (☆172, updated last month)
- Set of EVTX samples (>270) mapped to MITRE ATT&CK tactics and techniques to measure your SIEM coverage or develop new use cases. (☆582, updated 6 months ago)
- Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactics and techniques (☆372, updated 6 months ago)
- Curated Windows event log Sigma rules used in Hayabusa and Velociraptor. (☆185, updated this week)
- PowerShell script helping Incident Responders discover potential adversary persistence mechanisms. (☆317, updated 2 months ago)
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL (Kusto Query Language). (☆740, updated 4 months ago)
- Hunting queries and detections (☆815, updated 6 months ago)
- YARA detection rules for hunting with the threathunting-keywords project (☆124, updated 2 months ago)
- MAD ATT&CK Defender: ATT&CK Adversary Emulation Repository (☆117, updated 2 years ago)
- OSSEM Detection Model (☆176, updated 2 years ago)
- Ransomware simulator written in Golang (☆441, updated 3 years ago)
- Automatically created C2 Feeds (☆628, updated this week)
- Repository where I hold random detection and threat hunting queries that I come up with based on different sources of information (or eve… (☆240, updated this week)
- MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD). (☆403, updated 9 months ago)
- ☆13, updated 2 years ago
- Sigma rules to share with the community (☆121, updated 5 months ago)
- Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by devel… (☆667, updated this week)
- The Sigma command line interface based on pySigma (☆157, updated 3 months ago)
- BadZure orchestrates the setup of Azure AD tenants, populating them with diverse entities while also introducing common security misconfi… (☆461, updated 2 weeks ago)
- An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository con… (☆365, updated last week)
- An automated Breach and Attack Simulation lab with Terraform. Built for IaC stability, consistency, and speed. (☆193, updated last year)
- This is a collection of threat detection rules / rules engines that I have come across. (☆291, updated last year)
- An Excel-centric approach for the MITRE ATT&CK® Tactics and Techniques (☆186, updated 3 years ago)