humpalum / vscode-sigmaLinks
☆16Updated 2 months ago
Alternatives and similar repositories for vscode-sigma
Users that are interested in vscode-sigma are comparing it to the libraries listed below
Sorting:
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆78Updated 3 weeks ago
- The core backend server handling API requests and task management☆39Updated last week
- ☆34Updated 7 months ago
- Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.☆38Updated last year
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.☆39Updated 2 years ago
- VelociraptorMCP is a Model Context Protocol bridge for exposing LLMs to MCP clients.☆28Updated last week
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…☆41Updated 3 weeks ago
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365☆20Updated 7 months ago
- pySigma Splunk backend☆38Updated 3 weeks ago
- ShellSweeping the evil.☆52Updated 11 months ago
- ☆7Updated 7 months ago
- Jupyter Notebooks for Cyber Threat Intelligence☆35Updated last year
- Get-MiniTimeline - Triage Collection and Timeline Generation w/ KAPE☆31Updated last year
- Scripts and tools accompanying HP Threat Research blog posts and reports.☆50Updated last year
- Powershell sandboxing utility☆18Updated 2 weeks ago
- Collection of scripts provided for public use☆34Updated last month
- ☆19Updated 3 years ago
- Remote access and Antivirus Logging Database☆42Updated last year
- ☆87Updated last year
- TIM is a Kusto investigation platform that enables a user to quickly pivot between data sources; annotate their findings; and promotes co…☆22Updated 9 months ago
- A home for detection content developed by the delivr.to team☆69Updated this week
- Azure function to insert MISP data in to Azure Sentinel☆32Updated 2 years ago
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆53Updated last year
- A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab.☆20Updated 4 years ago
- ☆21Updated 2 years ago
- Quick ESXi Log Parser☆20Updated 5 months ago
- Recon Hunt Queries☆77Updated 4 years ago
- Publicly shareable windows event log message data☆27Updated 5 years ago
- My Jupyter Notebooks☆36Updated 2 months ago
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.☆21Updated 2 years ago