elastic / endpoint
☆27Updated 5 months ago
Related projects: ⓘ
- OSSEM Data Dictionaries☆56Updated last month
- Web based S1 query navigator for one-click threat hunting☆18Updated 3 years ago
- pySigma Splunk backend☆33Updated 5 months ago
- Anything Sysmon related from the MSTIC R&D team☆143Updated 3 months ago
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition☆62Updated 2 years ago
- ☆61Updated 3 weeks ago
- Import CrowdStrike Threat Intelligence into your instance of MISP☆40Updated this week
- Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…☆84Updated last year
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.☆124Updated this week
- Full of public notes and Utilities☆81Updated 3 weeks ago
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation☆65Updated last month
- ☆27Updated this week
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique☆64Updated 6 months ago
- Dettectinator - The Python library to your DeTT&CT YAML files.☆102Updated last month
- The Infosec Community Definitive Guide to Jupyter Notebooks☆108Updated 3 years ago
- The Sigma command line interface based on pySigma☆130Updated last month
- ☆68Updated last year
- Elastic Security Labs releases☆46Updated 3 weeks ago
- Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques☆120Updated 6 months ago
- OSSEM Detection Model☆166Updated last year
- ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte…☆69Updated last week
- A repository to share publicly available Velociraptor detection content☆115Updated this week
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…☆142Updated 7 months ago
- OSSEM Common Data Model☆54Updated 2 years ago
- A tool that allows you to document and assess any security automation in your SOC☆40Updated 4 months ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆51Updated 2 years ago
- Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.☆34Updated 9 months ago
- ☆79Updated 2 months ago
- Rules generated from our investigations.☆186Updated last month
- ☆79Updated last month
- A CALDERA plugin☆72Updated 3 months ago