endgameinc/eqllib

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/endgameinc/eqllib)

endgameinc / eqllib

☆168

Alternatives and similar repositories for eqllib

Users that are interested in eqllib are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

endgameinc / eql
View on GitHub
☆229Apr 22, 2026Updated last month
mitre-attack / bzar
View on GitHub
A set of Zeek scripts to detect ATT&CK techniques.
☆622Jun 26, 2024Updated last year
OTRF / OSSEM
View on GitHub
Open Source Security Events Metadata (OSSEM)
☆1,298Feb 27, 2023Updated 3 years ago
atc-project / atomic-threat-coverage
View on GitHub
Actionable analytics designed to combat threats
☆1,010May 25, 2022Updated 4 years ago
OTRF / Security-Datasets
View on GitHub
Re-play Security Events
☆1,769Mar 20, 2024Updated 2 years ago
Deploy to Railway using AI coding agents - Free Credits Offer • Ad
Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
mandiant / SilkETW
View on GitHub
☆842Jun 1, 2023Updated 3 years ago
mitre-attack / attack-datasources
View on GitHub
This content is analysis and research of the data sources currently listed in ATT&CK.
☆413Sep 13, 2023Updated 2 years ago
Benster900 / ThreatWaffle
View on GitHub
Threat hunting repo for my independent study on threat hunting with OSQuery
☆27Jan 16, 2018Updated 8 years ago
edoardogerosa / sentinel-attack
View on GitHub
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
☆1,077Nov 28, 2024Updated last year
olafhartong / ThreatHunting
View on GitHub
A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
☆1,186Jul 26, 2023Updated 2 years ago
olafhartong / ATTACKdatamap
View on GitHub
A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework
☆358Nov 3, 2020Updated 5 years ago
sbousseaden / EVTX-ATTACK-SAMPLES
View on GitHub
Windows Events Attack Samples
☆2,571Jan 24, 2023Updated 3 years ago
rabobank-cdc / DeTTECT
View on GitHub
Detect Tactics, Techniques & Combat Threats
☆2,298Jun 2, 2026Updated last week
endgameinc / RTA
View on GitHub
☆1,094May 1, 2019Updated 7 years ago
Virtual machines for every use case on DigitalOcean • Ad
Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
mitre / brawl-public-game-001
View on GitHub
Data from a BRAWL Automated Adversary Emulation Exercise
☆215Oct 2, 2020Updated 5 years ago
olafhartong / detection-sources
View on GitHub
☆53Mar 4, 2019Updated 7 years ago
teoseller / osquery-attck
View on GitHub
Mapping the MITRE ATT&CK Matrix with Osquery
☆810May 11, 2023Updated 3 years ago
forensicmatt / RustyReg
View on GitHub
Registry to JSON. This Project is for learning purposes and is not maintained.
☆12Dec 28, 2021Updated 4 years ago
elastic / detection-rules
View on GitHub
☆2,613Updated this week
MalwareArchaeology / ATTACK
View on GitHub
MITRE ATT&CK Windows Logging Cheat Sheets
☆348Nov 8, 2018Updated 7 years ago
mitre-attack / car
View on GitHub
Cyber Analytics Repository
☆1,012May 16, 2025Updated last year
olafhartong / sysmon-modular
View on GitHub
A repository of sysmon configuration modules
☆3,055Aug 21, 2024Updated last year
0xAnalyst / CB-Threat-Hunting
View on GitHub
☆115Jan 31, 2024Updated 2 years ago
Deploy to Railway using AI coding agents - Free Credits Offer • Ad
Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
ThreatHuntingProject / ThreatHunting
View on GitHub
An informational repo about hunting for adversaries in your IT environment.
☆1,873Nov 17, 2021Updated 4 years ago
mgreen27 / Invoke-LiveResponse
View on GitHub
Invoke-LiveResponse
☆152Feb 22, 2022Updated 4 years ago
ReconInfoSec / rhq
View on GitHub
Recon Hunt Queries
☆79May 16, 2021Updated 5 years ago
OTRF / ThreatHunter-Playbook
View on GitHub
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…
☆4,583Jan 12, 2026Updated 5 months ago
conix-security / bl2ru2
View on GitHub
Mass Suricata rules creator, from a list of domain
☆14Sep 14, 2018Updated 7 years ago
vadim-hunter / Detection-Ideas-Rules
View on GitHub
Detection Ideas & Rules repository.
☆179Sep 10, 2021Updated 4 years ago
atc-project / atc-mitigation
View on GitHub
Actionable analytics designed to combat threats based on MITRE's ATT&CK.
☆24Aug 21, 2019Updated 6 years ago
nshalabi / SysmonTools
View on GitHub
Utilities for Sysmon
☆1,647Apr 4, 2026Updated 2 months ago
Velocidex / eql2vql
View on GitHub
Transform EQL detection rules to VQL artifacts
☆12Nov 12, 2021Updated 4 years ago
Wordpress hosting with auto-scaling - Free Trial Offer • Ad
Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
JPMinty / CISSP-Study-Guide
View on GitHub
study material used for the 2018 CISSP exam
☆11May 20, 2019Updated 7 years ago
JPCERTCC / SysmonSearch
View on GitHub
Investigate suspicious activity by visualizing Sysmon's event log
☆431Dec 22, 2023Updated 2 years ago
nshalabi / ATTACK-Tools
View on GitHub
Utilities for MITRE™ ATT&CK
☆1,051Jan 3, 2026Updated 5 months ago
dfirlabs / ntfs-specimens
View on GitHub
NTFS file system specimens
☆13May 21, 2026Updated 3 weeks ago
CD-R0M / YARA
View on GitHub
Hundred Days of Yara Challenge
☆12Jun 21, 2022Updated 3 years ago
OTRF / ATTACK-Python-Client
View on GitHub
Python Script to access ATT&CK content available in STIX via a public TAXII server
☆572Dec 19, 2025Updated 5 months ago
svch0stz / velociraptor-detections
View on GitHub
☆22Jan 31, 2023Updated 3 years ago