The project was moved here https://github.com/atomic-threat-coverage/atomic-threat-coverage
☆25 · Aug 12, 2019 · Updated 6 years ago
Alternatives and similar repositories for atomic-threat-coverage
Users that are interested in atomic-threat-coverage are comparing it to the libraries listed below.
- Event Log Analysis Tools ☆31 · Sep 27, 2016 · Updated 9 years ago
- Knowing which rule should trigger according to the Red Canary test ☆11 · Nov 23, 2024 · Updated last year
- Threat Hunting is time consuming enough as it is. Coming up with and tracking metrics to justify your hunt team to the Execs often takes… ☆13 · Dec 7, 2022 · Updated 3 years ago
- Pyscan - A fast malware scanner using ShellScannerPatterns ☆30 · May 25, 2021 · Updated 4 years ago
- Actionable analytics designed to combat threats ☆1,006 · May 25, 2022 · Updated 3 years ago
- Example scripts and rules for use in Resilient playbooks. ☆35 · Dec 15, 2023 · Updated 2 years ago
- ☆23 · May 7, 2021 · Updated 4 years ago
- A Sigma based detection pipeline ☆12 · Dec 15, 2023 · Updated 2 years ago
- This repo represents work the Phantom Community collaborates on to build apps and learn. ☆13 · May 18, 2021 · Updated 4 years ago
- ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills. ☆135 · Jul 25, 2019 · Updated 6 years ago
- PowerShell to read ETL file on an interval and convert it to an EVTX (so Windows Event Forwarding can 'subscribe') ☆11 · May 16, 2017 · Updated 8 years ago
- ⚠️ ARCHIVED: This repository is no longer actively maintained. All Sigma rules are now managed and available in SIEM Rules ☆12 · Mar 19, 2026 · Updated last week
- Queries for parsed spotlight database in sqlite ☆13 · Dec 29, 2020 · Updated 5 years ago
- Ansible playbook to convert Sigma rules to ElastAlert rules ☆10 · Feb 5, 2021 · Updated 5 years ago
- Using QRadar API ☆20 · Feb 23, 2018 · Updated 8 years ago
- A guide to using Azure Data Explorer and KQL for DFIR ☆124 · May 16, 2022 · Updated 3 years ago
- Threat Alert Logic Repository ☆93 · Feb 7, 2019 · Updated 7 years ago
- A lightweight Python module to interact with the MITRE ATT&CK® Enterprise dataset. Built for speed with minimal dependencies. Read the do… ☆11 · Nov 24, 2025 · Updated 4 months ago
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e… ☆4,508 · Jan 12, 2026 · Updated 2 months ago
- ☆53 · Mar 4, 2019 · Updated 7 years ago
- A Python, Boto3 script that leverages a forensic volume to attach & mount to a selected instance, run a memory dump, unmount and detach f… ☆12 · Jul 15, 2020 · Updated 5 years ago
- Useful Threat Hunting Stuff ☆32 · Sep 1, 2020 · Updated 5 years ago
- Repository of public reference frameworks for the DFIR community. ☆122 · Jul 4, 2023 · Updated 2 years ago
- A datasource assessment on an event level to show potential coverage of the MITRE ATT&CK framework ☆356 · Nov 3, 2020 · Updated 5 years ago
- ☆15 · Jul 9, 2020 · Updated 5 years ago
- Indicators of Normality ☆11 · Jul 22, 2022 · Updated 3 years ago
- Server for receiving autorun data from the clients ☆13 · Sep 26, 2017 · Updated 8 years ago
- Collection of scripts that I have used on Red Team engagements ☆16 · Feb 15, 2018 · Updated 8 years ago
- A curated list of my GitHub stars! ☆18 · Sep 29, 2017 · Updated 8 years ago
- C# User Simulation ☆33 · Oct 6, 2022 · Updated 3 years ago
- Scripts from my book OS X Incident Response Scripting and Analysis -> https://www.amazon.com/dp/012804456X/ref=cm_sw_r_tw_dp_U_x_fQeLAb68… ☆50 · Sep 23, 2016 · Updated 9 years ago
- This is a Python tool aiming to make using TheHive webhooks easier. ☆28 · Oct 23, 2020 · Updated 5 years ago
- Detonate malware on VMs and get logs & detection status ☆89 · Mar 17, 2026 · Updated last week
- WAF Testing Tool ☆21 · May 16, 2014 · Updated 11 years ago
- Python Script to access ATT&CK content available in STIX via a public TAXII server ☆568 · Dec 19, 2025 · Updated 3 months ago
- ☆14 · Oct 3, 2024 · Updated last year
- ☁️ My Cloud Projects, Docs/Write-ups ☆11 · Jul 8, 2023 · Updated 2 years ago
- Sample SecOps scripts and Utilities ☆12 · Jun 19, 2024 · Updated last year
- Repository resource for threat hunter ☆157 · Sep 14, 2018 · Updated 7 years ago