elastic / detection-rules-explorer
☆20, updated this week
Alternatives and similar repositories for detection-rules-explorer
Users that are interested in detection-rules-explorer are comparing it to the libraries listed below
- VTC - Velociraptor Timeline Creator (☆18, updated last year)
- Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations (☆94, updated 11 months ago)
- REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas (☆36, updated 5 months ago)
- Slides of my public talks (☆56, updated last year)
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation (☆82, updated last month)
- Sensor Mappings to ATT&CK is a collection of resources to assist cyber defenders with understanding which sensors and events can help det… (☆50, updated 3 weeks ago)
- OSSEM Data Dictionaries (☆61, updated 5 months ago)
- Provides an advanced input.conf file for Windows and 3rd party related software with more than 70 different event logs mapped to the MITRE… (☆91, updated 2 weeks ago)
- Small-scale threat emulation and detection range built on Elastic and Atomic Red Team (☆38, updated last year)
- Hunting Queries for Defender ATP (☆81, updated 3 months ago)
- ☆72, updated 8 months ago
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition (☆64, updated 2 years ago)
- ATT&CK Sync is a Center for Threat-Informed Defense project that aims to improve the ability for organizations to consume MITRE ATT&CK® v… (☆20, updated last month)
- A collection of various SIEM rules relating to malware family groups (☆66, updated last year)
- Living off the False Positive! (☆37, updated 5 months ago)
- The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects… (☆43, updated 4 years ago)
- Provides an advanced baseline to implement a secure Windows auditing strategy on Windows OS (☆54, updated last month)
- Online resources related to Detection Engineering. Detection rules, detection logic, attack samples, detection tests and emulation tools… (☆104, updated this week)
- ☆92, updated 2 months ago
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research… (☆46, updated 2 months ago)
- Threat Simulator for Enterprise Networks (☆14, updated 3 years ago)
- This repository is created to store the artifacts for any intrusions I share publicly (☆26, updated last year)
- Defender Resource Hub (☆26, updated this week)
- Open-source Fabric templates for cybersecurity and compliance (☆21, updated 6 months ago)
- Full of public notes and Utilities (☆120, updated 5 months ago)
- Mapping of open-source detection rules and atomic tests (☆169, updated 5 months ago)
- AI-powered tool designed to help produce a Threat Intelligence Mindmap (☆98, updated last month)
- Web based S1 query navigator for one-click threat hunting (☆21, updated 4 years ago)
- Automation tool for Windows Deception Host Burn-In (☆86, updated 7 months ago)
- YARA detection rules for hunting with the threathunting-keywords project (☆124, updated 2 months ago)