elastic / endpointLinks
☆36Updated 2 months ago
Alternatives and similar repositories for endpoint
Users that are interested in endpoint are comparing it to the libraries listed below
Sorting:
- OSSEM Data Dictionaries☆60Updated 4 months ago
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition☆63Updated 2 years ago
- Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.☆38Updated last year
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique☆67Updated last year
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆78Updated 2 weeks ago
- ☆23Updated 3 years ago
- A CALDERA plugin☆76Updated this week
- Full of public notes and Utilities☆113Updated 3 months ago
- Slides of my public talks☆55Updated last year
- A collection of Sigma rules organized by MITRE ATT&CK technique☆17Updated 3 years ago
- ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte…☆78Updated this week
- Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…☆88Updated last year
- ShellSweeping the evil.☆52Updated 11 months ago
- pySigma Splunk backend☆38Updated 3 weeks ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆53Updated 2 years ago
- ☆20Updated this week
- Attack Range to test detection against nativel serverless cloud services and environments☆35Updated 3 years ago
- Automatic detection engineering technical state compliance☆55Updated 10 months ago
- This CALDERA Plugin converts Adversary Emulation Plans from the Center for Threat Informed Defense☆30Updated 2 months ago
- A CALDERA plugin☆22Updated 2 weeks ago
- Provides an advanced input.conf file for Windows and 3rd party related software with more than 70 different event log mapped to the MITRE…☆90Updated last week
- A collection of my presentations, blog posts, and other contributions to the information security community☆26Updated 2 weeks ago
- Anything Sysmon related from the MSTIC R&D team☆153Updated 11 months ago
- Useful access control entries (ACE) on system access control list (SACL) of securable objects to find potential adversarial activity☆91Updated 3 years ago
- Active Directory Purple Team Playbook☆108Updated 2 years ago
- Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.☆133Updated 2 years ago
- ☆77Updated 5 years ago
- This repository was created to aid in the deployment/maintenance of the Sysmon service on a large number of computers.☆82Updated 2 years ago
- Library of threat hunts to get any user started!☆44Updated 4 years ago
- A CALDERA plugin☆26Updated 10 months ago