michalpurzynski / suricata-rulesLinks
Example Suricata rules implementing some of my detection tactics
☆20Updated 2 years ago
Alternatives and similar repositories for suricata-rules
Users that are interested in suricata-rules are comparing it to the libraries listed below
Sorting:
- A few quick recipes for those that do not have much time during the day☆22Updated 7 months ago
- Build Automated Machine Images for MISP☆28Updated 2 years ago
- A set of tools and procedures for automating NSM and NIDS deployments in AWS☆16Updated 4 years ago
- Workflows for Shuffle☆23Updated 2 years ago
- Actionable analytics designed to combat threats based on MITRE's ATT&CK.☆22Updated 5 years ago
- ☆16Updated 4 years ago
- Send High & New Incidents to The Hive incident management Platform☆18Updated 4 years ago
- Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…☆18Updated 5 years ago
- Incident Response Playbooks☆14Updated 6 years ago
- Docker Container to deploy Mitre Caldera Automated Adversary Emulation System☆26Updated 4 years ago
- incident response scripts☆19Updated 6 years ago
- List of sigma for a variety of threats for multiple log sources.☆12Updated 6 years ago
- These are some of the commands which I use frequently during Malware Analysis and DFIR.☆24Updated last year
- Incident Response Report Using GitHub-Sphinx☆20Updated 5 years ago
- Automatic detection engineering technical state compliance☆55Updated 11 months ago
- Sharing Threat Hunting runbooks☆26Updated 5 years ago
- ☆18Updated 3 years ago
- Creates an ATT&CK Navigator map of an Adversary Emulation Plan☆17Updated 3 years ago
- Threat hunting repo for my independent study on threat hunting with OSQuery☆27Updated 7 years ago
- pollen - A command-line tool for interacting with TheHive☆35Updated 6 years ago
- Open-source Fabric templates for cybersecurity and compliance☆20Updated 5 months ago
- Specific guidance and configuration scripts based on Microsoft-recommended security configuration baselines for Windows.☆13Updated 4 years ago
- ☆15Updated 4 years ago
- Indicator of Compromise Scanner for CVE-2019-19781☆94Updated 5 years ago
- CyCAT.org API back-end server including crawlers☆29Updated 2 years ago
- ☆11Updated 4 years ago
- A python script to acquire multiple aws ec2 instances in a forensically sound-ish way☆38Updated 3 years ago
- Triage automation for suspect URLs☆13Updated 5 years ago
- Threat intelligence and threat detection indicators (IOC, IOA)☆52Updated 4 years ago
- MasterParser is a simple, all-in-one, digital forensics artifact parser☆23Updated 3 years ago