juaromu / wazuh

Related projects ⓘ

Alternatives and complementary repositories for wazuh

• juaromu / wazuh-domain-stats-alienvault
  ☆15Updated 3 years ago
• austinsonger / Elastic-Security
  Repo for Automations and other solutions for Elastic SIEM/Security.
  ☆18Updated 3 years ago
• sametsazak / sysmon
  Sysmon and wazuh integration with Sigma sysmon rules [updated]
  ☆61Updated 3 years ago
• dariommr / scripts
  Personal scripts
  ☆12Updated 2 months ago
• curated-intel / attack-lookup
  A MITRE ATT&CK Lookup Tool
  ☆43Updated 6 months ago
• Loginsoft-LLC / threat-detection-rules
  Threat Detection & Anomaly Detection rules for popular open-source components
  ☆50Updated 2 years ago
• Velocidex / cloudvelo
  An experimental Velociraptor implementation using cloud infrastructure
  ☆21Updated last week
• juaromu / wazuh-misp
  ☆15Updated last year
• Truvis / SplunkDashboards
  Collection of Dashboards for Threat Hunting and more!
  ☆59Updated 4 years ago
• dfir-dd / incident-response-playbooks
  Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents
  ☆38Updated 6 months ago
• mthcht / ThreatHunting-Keywords-sigma-rules
  Sigma detection rules for hunting with the threathunting-keywords project
  ☆47Updated 2 weeks ago
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆50Updated 4 months ago
• svch0stz / TheThreatHuntLibrary
  Library of threat hunts to get any user started!
  ☆40Updated 4 years ago
• jctello / JCT-Wazuh
  Tools for Wazuh by Juan C. Tello
  ☆14Updated 2 years ago
• Shuffle / workflows
  Workflows for Shuffle
  ☆20Updated 2 years ago
• w8mej / ThreatPlays
  Sharing Threat Hunting runbooks
  ☆24Updated 5 years ago
• mitre / engage
  MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements.
  ☆60Updated 7 months ago
• blacklanternsecurity / sigma-rules
  A collection of Sigma rules organized by MITRE ATT&CK technique
  ☆16Updated 3 years ago
• correlatedsecurity / SPEED-SIEM-Use-Case-Framework
  Repository for SPEED SIEM Use Case Framework
  ☆52Updated 4 years ago
• Security-Onion-Solutions / securityonion-soc
  ☆47Updated this week
• Hestat / soc-threat-hunting
  Repo of python/bash scripts for identifying IoC's in threat feed and other online tools
  ☆26Updated 4 years ago
• activecm / espy
  Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
  ☆67Updated last year
• SecurityBagel / VulnBagel
  A collection of dashboards, templates, API's and Power BI code for vulnerability management and analysis
  ☆13Updated last week
• SanWieb / sigWah
  A Sigma to Wazuh / OSSEC converter including a generated Windows Sysmon ruleset
  ☆33Updated 4 years ago
• guardsight / gsvsoc_mission-model
  Incident Response Report Using GitHub-Sphinx
  ☆19Updated 5 years ago
• chaitanyakrishna / IOCScraper
  IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.
  ☆34Updated 2 years ago
• CERT-Bund / IRNetTools
  Incident Response Network Tools
  ☆23Updated 3 years ago
• DomainTools / DomainCAT
  Domain Connectivity Analysis Tools to analyze aggregate connectivity patterns across a set of domains during security investigations
  ☆43Updated 3 years ago
• tropChaud / Cyber-Adversary-Heatmaps
  Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" json files.
  ☆34Updated 2 years ago