endgameinc/eqllib

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/endgameinc/eqllib)

endgameinc / eqllib

☆168

Alternatives and similar repositories for eqllib

Users that are interested in eqllib are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

endgameinc / eql
View on GitHub
☆228Nov 18, 2025Updated 4 months ago
mitre-attack / bzar
View on GitHub
A set of Zeek scripts to detect ATT&CK techniques.
☆622Jun 26, 2024Updated last year
OTRF / OSSEM
View on GitHub
Open Source Security Events Metadata (OSSEM)
☆1,289Feb 27, 2023Updated 3 years ago
atc-project / atomic-threat-coverage
View on GitHub
Actionable analytics designed to combat threats
☆1,005May 25, 2022Updated 3 years ago
OTRF / Security-Datasets
View on GitHub
Re-play Security Events
☆1,729Mar 20, 2024Updated 2 years ago
DigitalOcean Gradient AI Platform • Ad
Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
mandiant / SilkETW
View on GitHub
☆825Jun 1, 2023Updated 2 years ago
mitre-attack / attack-datasources
View on GitHub
This content is analysis and research of the data sources currently listed in ATT&CK.
☆413Sep 13, 2023Updated 2 years ago
Benster900 / ThreatWaffle
View on GitHub
Threat hunting repo for my independent study on threat hunting with OSQuery
☆27Jan 16, 2018Updated 8 years ago
edoardogerosa / sentinel-attack
View on GitHub
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
☆1,080Nov 28, 2024Updated last year
olafhartong / ThreatHunting
View on GitHub
A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
☆1,175Jul 26, 2023Updated 2 years ago
olafhartong / ATTACKdatamap
View on GitHub
A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework
☆356Nov 3, 2020Updated 5 years ago
sbousseaden / EVTX-ATTACK-SAMPLES
View on GitHub
Windows Events Attack Samples
☆2,531Jan 24, 2023Updated 3 years ago
rabobank-cdc / DeTTECT
View on GitHub
Detect Tactics, Techniques & Combat Threats
☆2,269Jan 21, 2026Updated 2 months ago
endgameinc / RTA
View on GitHub
☆1,091May 1, 2019Updated 6 years ago
DigitalOcean Gradient AI Platform • Ad
Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
mitre / brawl-public-game-001
View on GitHub
Data from a BRAWL Automated Adversary Emulation Exercise
☆212Oct 2, 2020Updated 5 years ago
olafhartong / detection-sources
View on GitHub
☆53Mar 4, 2019Updated 7 years ago
teoseller / osquery-attck
View on GitHub
Mapping the MITRE ATT&CK Matrix with Osquery
☆808May 11, 2023Updated 2 years ago
forensicmatt / RustyReg
View on GitHub
Registry to JSON. This Project is for learning purposes and is not maintained.
☆12Dec 28, 2021Updated 4 years ago
elastic / detection-rules
View on GitHub
☆2,531Updated this week
MalwareArchaeology / ATTACK
View on GitHub
MITRE ATT&CK Windows Logging Cheat Sheets
☆348Nov 8, 2018Updated 7 years ago
mitre-attack / car
View on GitHub
Cyber Analytics Repository
☆992May 16, 2025Updated 10 months ago
olafhartong / sysmon-modular
View on GitHub
A repository of sysmon configuration modules
☆2,996Aug 21, 2024Updated last year
0xAnalyst / CB-Threat-Hunting
View on GitHub
☆115Jan 31, 2024Updated 2 years ago
Wordpress hosting with auto-scaling on Cloudways • Ad
Fully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
ThreatHuntingProject / ThreatHunting
View on GitHub
An informational repo about hunting for adversaries in your IT environment.
☆1,859Nov 17, 2021Updated 4 years ago
mgreen27 / Invoke-LiveResponse
View on GitHub
Invoke-LiveResponse
☆150Feb 22, 2022Updated 4 years ago
ReconInfoSec / rhq
View on GitHub
Recon Hunt Queries
☆79May 16, 2021Updated 4 years ago
OTRF / ThreatHunter-Playbook
View on GitHub
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…
☆4,508Jan 12, 2026Updated 2 months ago
conix-security / bl2ru2
View on GitHub
Mass Suricata rules creator, from a list of domain
☆14Sep 14, 2018Updated 7 years ago
vadim-hunter / Detection-Ideas-Rules
View on GitHub
Detection Ideas & Rules repository.
☆178Sep 10, 2021Updated 4 years ago
nshalabi / SysmonTools
View on GitHub
Utilities for Sysmon
☆1,577Sep 21, 2025Updated 6 months ago
atc-project / atc-mitigation
View on GitHub
Actionable analytics designed to combat threats based on MITRE's ATT&CK.
☆23Aug 21, 2019Updated 6 years ago
Velocidex / eql2vql
View on GitHub
Transform EQL detection rules to VQL artifacts
☆12Nov 12, 2021Updated 4 years ago
Wordpress hosting with auto-scaling on Cloudways • Ad
Fully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
JPMinty / CISSP-Study-Guide
View on GitHub
study material used for the 2018 CISSP exam
☆11May 20, 2019Updated 6 years ago
JPCERTCC / SysmonSearch
View on GitHub
Investigate suspicious activity by visualizing Sysmon's event log
☆430Dec 22, 2023Updated 2 years ago
nshalabi / ATTACK-Tools
View on GitHub
Utilities for MITRE™ ATT&CK
☆1,050Jan 3, 2026Updated 2 months ago
dfirlabs / ntfs-specimens
View on GitHub
NTFS file system specimens
☆13Jul 3, 2023Updated 2 years ago
CD-R0M / YARA
View on GitHub
Hundred Days of Yara Challenge
☆12Jun 21, 2022Updated 3 years ago
OTRF / ATTACK-Python-Client
View on GitHub
Python Script to access ATT&CK content available in STIX via a public TAXII server
☆568Dec 19, 2025Updated 3 months ago
svch0stz / velociraptor-detections
View on GitHub
☆22Jan 31, 2023Updated 3 years ago