elastic / detection-rules-explorer
UI to explore and learn about Elastic Security Detection Rules
☆16Updated this week
Related projects ⓘ
Alternatives and complementary repositories for detection-rules-explorer
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…☆27Updated last month
- Slides of my public talks☆46Updated 11 months ago
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation☆66Updated last week
- Library of threat hunts to get any user started!☆40Updated 4 years ago
- Generate portable TTP intelligence from a web-based report☆30Updated 2 years ago
- yara detection rules for hunting with the threathunting-keywords project☆87Updated this week
- Provides an advanced input.conf file for Windows and 3rd party related software with more than 70 different event log mapped to the MITRE…☆81Updated last month
- ☆61Updated this week
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆68Updated last year
- Sigma detection rules for hunting with the threathunting-keywords project☆47Updated 3 weeks ago
- Look into EDR events from network☆23Updated 7 months ago
- VTC - Velociraptor Timeline Creator☆15Updated 6 months ago
- A repository of curated lists with elements such as IoCs to use for threat hunting & detection queries.☆34Updated 4 months ago
- Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.☆35Updated 11 months ago
- Living off the False Positive!☆29Updated 3 months ago
- Placeholder for my detection repo and misc detection engineering content☆43Updated last year
- ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte…☆73Updated 2 weeks ago
- CarbonBlack EDR detection rules and response actions☆71Updated 2 months ago
- Hunting Queries for Defender ATP☆73Updated last week
- Baseline a Windows System against LOLBAS☆25Updated 6 months ago
- Threat Simulator for Enterprise Networks☆14Updated 2 years ago
- The ultimate solution for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.☆22Updated 3 months ago
- ShellSweeping the evil.☆52Updated 5 months ago
- Open IOC sharing platform☆53Updated 2 weeks ago
- This repository contains OpenIOC rules to aid in hunting for indicators of compromise and TTPs focused on Advanced Persistent Threat grou…☆21Updated last year
- ESXi Cyber Security Incident Response Script☆20Updated 2 months ago
- A repository to share publicly available Velociraptor detection content☆119Updated last week
- ☆83Updated 3 months ago
- Full of public notes and Utilities☆87Updated last week