The project was moved here https://github.com/atomic-threat-coverage/atomic-threat-coverage
☆25 · Aug 12, 2019 · Updated 6 years ago
Alternatives and similar repositories for atomic-threat-coverage
Users that are interested in atomic-threat-coverage are comparing it to the libraries listed below.
- QRadar Export the rule set for printing ☆23 · Oct 23, 2017 · Updated 8 years ago
- Knowing which rule should trigger according to the Red Canary test ☆11 · Nov 23, 2024 · Updated last year
- CeramicSkate0 Sysmon configuration fork file template with default high-quality event tracing ☆10 · Sep 29, 2023 · Updated 2 years ago
- Threat Hunting is time consuming enough as it is. Coming up with and tracking metrics to justify your hunt team to the Execs often takes… ☆13 · Dec 7, 2022 · Updated 3 years ago
- Pyscan - A fast malware scanner using ShellScannerPatterns ☆30 · May 25, 2021 · Updated 4 years ago
- Actionable analytics designed to combat threats ☆1,007 · May 25, 2022 · Updated 3 years ago
- Example scripts and rules for use in Resilient playbooks. ☆35 · Dec 15, 2023 · Updated 2 years ago
- Cumulonimbus-UAL_Extractor is a PowerShell based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a… ☆21 · Oct 25, 2023 · Updated 2 years ago
- A Sigma based detection pipeline ☆12 · Dec 15, 2023 · Updated 2 years ago
- This repo represents work the Phantom Community collaborates on to build apps and learn. ☆13 · May 18, 2021 · Updated 4 years ago
- ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills. ☆135 · Jul 25, 2019 · Updated 6 years ago
- PowerShell to read ETL file on an interval and convert it to an EVTX (so Windows Event Forwarding can 'subscribe') ☆11 · May 16, 2017 · Updated 8 years ago
- Windows GUI/Execution Engine for Atomic Red Team Atomics ☆37 · May 20, 2020 · Updated 5 years ago
- ⚠️ ARCHIVED: This repository is no longer actively maintained. All Sigma rules are now managed and available in SIEM Rules ☆12 · Mar 19, 2026 · Updated last month
- Exfiltration based on custom X509 certificates ☆26 · Feb 23, 2024 · Updated 2 years ago
- Compilation of resources to help with Adversary Simulation automation harness ☆100 · Aug 7, 2020 · Updated 5 years ago
- Ansible playbook to convert Sigma rules to ElastAlert rules ☆10 · Feb 5, 2021 · Updated 5 years ago
- A guide to using Azure Data Explorer and KQL for DFIR ☆124 · May 16, 2022 · Updated 3 years ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository. ☆111 · Feb 6, 2020 · Updated 6 years ago
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e… ☆4,534 · Jan 12, 2026 · Updated 3 months ago
- Repository of public reference frameworks for the DFIR community. ☆122 · Jul 4, 2023 · Updated 2 years ago
- A virtual MediaWiki development environment, built on Vagrant, VirtualBox, and Puppet. ☆16 · Dec 1, 2016 · Updated 9 years ago
- A datasource assessment on an event level to show potential coverage of the MITRE ATT&CK framework ☆356 · Nov 3, 2020 · Updated 5 years ago
- Indicators of Normality ☆11 · Jul 22, 2022 · Updated 3 years ago
- A curated list of my GitHub stars! ☆18 · Sep 29, 2017 · Updated 8 years ago
- C# User Simulation ☆33 · Oct 6, 2022 · Updated 3 years ago
- This is a Python tool aiming to make using TheHive webhooks easier. ☆28 · Oct 23, 2020 · Updated 5 years ago
- AWS Lambda function to ship ELB, S3, CloudTrail, VPC, CloudFront logs to Logmatic.io ☆12 · Mar 5, 2018 · Updated 8 years ago
- Detonate malware on VMs and get logs & detection status ☆89 · Apr 8, 2026 · Updated last week
- WAF Testing Tool ☆21 · May 16, 2014 · Updated 11 years ago
- Python Script to access ATT&CK content available in STIX via a public TAXII server ☆569 · Dec 19, 2025 · Updated 4 months ago
- A modern approach to password rotation for the local administrator account on Windows 10 workstations utilizing Microsoft Endpoint Config… ☆10 · May 5, 2020 · Updated 5 years ago
- Repository resource for threat hunter ☆159 · Sep 14, 2018 · Updated 7 years ago
- A test case runner for Sigma rules ☆14 · Aug 14, 2024 · Updated last year
- PowerShell wrapper for nmap, allows easy scanning of many hosts and subnets ☆15 · Apr 1, 2018 · Updated 8 years ago
- ATS Score Checker, an ultimate tool for enhancing a resume's compatibility with Applicant Tracking Systems (ATS). This application helps job … ☆13 · Jul 9, 2024 · Updated last year
- The repository contains IOCs in CSV format for APT, Cyber Crimes, Malware and Trojan and whatever I found as part of hunting and research ☆12 · Jun 10, 2017 · Updated 8 years ago