Elastic Security Labs releases
☆85Nov 24, 2025Updated 3 months ago
Alternatives and similar repositories for labs-releases
Users that are interested in labs-releases are comparing it to the libraries listed below
Sorting:
- Python Library for ConfigExtractor☆15Feb 24, 2026Updated 3 weeks ago
- Indicators of compromise☆17Jan 29, 2026Updated last month
- Threatfox Censys is a tool to query Censys Search for IP addresses and domains and then parses the JSON and submits the results to Threat…☆36Mar 12, 2026Updated last week
- IR drill plateform☆23Jul 29, 2025Updated 7 months ago
- Collection of generic YARA rules☆16Aug 17, 2025Updated 7 months ago
- A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab.☆22Apr 16, 2021Updated 4 years ago
- A library for fast parse & import of Windows Master File Table($MFT) into Elasticsearch.☆12Jun 23, 2025Updated 8 months ago
- A not so awesome list of adversary emulation gems for aspiring red/blue/purple teamers☆16Jul 19, 2022Updated 3 years ago
- Remote access and Antivirus Logging Database☆45Apr 28, 2024Updated last year
- Epimitheus is a tool that uses graphical database Neo4j for Windows Events visualization.☆19Mar 13, 2022Updated 4 years ago
- Scripts to for ready-to-use Velociraptor instance deployment in Azure☆14Jun 27, 2023Updated 2 years ago
- ☆27Nov 26, 2024Updated last year
- TIM is a Kusto investigation platform that enables a user to quickly pivot between data sources; annotate their findings; and promotes co…☆23Aug 7, 2024Updated last year
- Elastic Security detection content for Endpoint☆1,384Mar 13, 2026Updated last week
- A collaboration effort by the DFIR community to provide definitions (sometimes multiple) for common forensic terms!☆26Dec 1, 2022Updated 3 years ago
- Remove WPP calls from hexrays decompiled code☆56Jan 31, 2026Updated last month
- ☆36Nov 30, 2023Updated 2 years ago
- CAPE core and community parsers☆18Feb 9, 2026Updated last month
- Welcome to the SEKOIA.IO Community repository!☆180Mar 9, 2026Updated last week
- The Eventlog Compendium is the go-to resource for understanding Windows Event Logs.☆54Apr 22, 2025Updated 10 months ago
- APT hub, It help's research to collect information and data on the latest APT activities. It collects data on APT profiles, IOCs(1 yr), a…☆54Mar 11, 2025Updated last year
- ReversingLabs YARA Rules☆900Nov 3, 2025Updated 4 months ago
- ☆31Feb 28, 2025Updated last year
- ☆55Mar 5, 2026Updated 2 weeks ago
- Crowdstrike response script containing various functions for IR/triage☆12Dec 7, 2020Updated 5 years ago
- Python bindings for https://github.com/omerbenamram/mft☆23Dec 23, 2025Updated 2 months ago
- Repository for sharing examples of our artifacts data and for use in new analyst recruitment.☆110Apr 22, 2025Updated 10 months ago
- A collection of my yara rules�☆34Jul 11, 2023Updated 2 years ago
- Configuration Extractors for Malware☆124Apr 23, 2025Updated 10 months ago
- ☆103Aug 4, 2025Updated 7 months ago
- This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports☆78Jan 26, 2026Updated last month
- Threat Hunting queries for various attacks☆244Jan 16, 2026Updated 2 months ago
- Manage attack surface data on Elasticsearch☆25Nov 20, 2023Updated 2 years ago
- ☆21Updated this week
- Repository where I hold random detection and threat hunting queries that I come up with based on different sources of information (or eve…☆279Dec 20, 2025Updated 3 months ago
- Ludus range for the Constructing Defense Lab☆113Feb 23, 2026Updated 3 weeks ago
- Converts Netwitness log parser configuration to Logstash configuration☆20Sep 10, 2020Updated 5 years ago
- Repo for Automations and other solutions for Elastic SIEM/Security.☆18Jun 15, 2021Updated 4 years ago
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).☆804Jan 14, 2026Updated 2 months ago