elastic / endpoint

Related projects ⓘ

Alternatives and complementary repositories for endpoint

• OTRF / OSSEM-DD
  OSSEM Data Dictionaries
  ☆59Updated 3 months ago
• mbabinski / Sigma-Rules
  A repository of my own Sigma detection rules.
  ☆156Updated 2 months ago
• UncoderIO / Uncoder_IO
  An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.
  ☆131Updated this week
• SigmaHQ / sigma-cli
  The Sigma command line interface based on pySigma
  ☆136Updated 3 months ago
• The-DFIR-Report / Yara-Rules
  ☆61Updated this week
• microsoft / MSTIC-Sysmon
  Anything Sysmon related from the MSTIC R&D team
  ☆146Updated 5 months ago
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆62Updated 2 years ago
• The-DFIR-Report / Sigma-Rules
  Rules generated from our investigations.
  ☆189Updated 3 weeks ago
• 3CORESec / SIEGMA
  SIEGMA - Transform Sigma rules into SIEM consumables
  ☆141Updated last year
• OTRF / infosec-jupyter-book
  The Infosec Community Definitive Guide to Jupyter Notebooks
  ☆115Updated 4 years ago
• Security-Onion-Solutions / securityonion-image
  ☆48Updated this week
• HASecuritySolutions / LogCampaign
  Provides detection capabilities and log conversion to evtx or syslog capabilities
  ☆52Updated 2 years ago
• elastic / detection-rules-explorer
  UI to explore and learn about Elastic Security Detection Rules
  ☆16Updated this week
• splunk / attack-detections-collector
  Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique
  ☆65Updated 8 months ago
• CrowdStrike / MISP-tools
  Import CrowdStrike Threat Intelligence into your instance of MISP
  ☆42Updated last month
• mgreen27 / DetectRaptor
  A repository to share publicly available Velociraptor detection content
  ☆119Updated last week
• OTRF / OSSEM-CDM
  OSSEM Common Data Model
  ☆54Updated 2 years ago
• magicsword-io / LOLRMM
  LotL RMM
  ☆101Updated last week
• MHaggis / notes
  Full of public notes and Utilities
  ☆87Updated last week
• joesecurity / sigma-rules
  Sigma rules from Joe Security
  ☆203Updated 2 weeks ago
• ControlCompass / ControlCompass.github.io
  Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques
  ☆123Updated 8 months ago
• siriussecurity / dettectinator
  Dettectinator - The Python library to your DeTT&CT YAML files.
  ☆104Updated this week
• OTRF / OSSEM-DM
  OSSEM Detection Model
  ☆168Updated 2 years ago
• keyboardcrunch / SentinelOne-Query-Navigator
  Web based S1 query navigator for one-click threat hunting
  ☆18Updated 3 years ago
• JPCERTCC / MemoryForensic-on-Cloud
  Memory Forensic System on Cloud
  ☆87Updated 11 months ago
• docker-forensics-toolkit / toolkit
  A toolkit for the post-mortem examination of Docker containers from forensic HDD copies
  ☆94Updated 9 months ago
• darkquasar / AIMOD2
  Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…
  ☆85Updated last year
• Beercow / SEPparser
  Script for parsing Symantec Endpoint Protection logs, VBNs, and ccSubSDK database.
  ☆63Updated last year
• mitre / stockpile
  A CALDERA plugin
  ☆72Updated 3 weeks ago