misje / opencti-wazuh-connectorLinks
OpenCTI–Wazuh connector looking for indicators in Wazuh and creating sightings
☆22Updated last year
Alternatives and similar repositories for opencti-wazuh-connector
Users that are interested in opencti-wazuh-connector are comparing it to the libraries listed below
Sorting:
- ☆40Updated 2 years ago
- Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with …☆132Updated last year
- ☆20Updated 4 years ago
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.☆167Updated last month
- Convert Sigma rules to SIEM queries, directly in your browser.☆107Updated 2 weeks ago
- SOARCA - The Open Source CACAO-based Security Orchestrator!☆100Updated 2 weeks ago
- Convert Sigma rules to Wazuh rules☆73Updated 3 months ago
- Personal scripts☆15Updated last year
- Automation tool for Windows Deception Host Burn-In☆86Updated last year
- ☆100Updated 3 weeks ago
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation☆89Updated last month
- Mapping of open-source detection rules and atomic tests.☆193Updated 11 months ago
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…☆51Updated 7 months ago
- Online resources related to Detection Engineering. Detection rules, detection logic, attack samples, detection tests and emulation tools…☆137Updated last month
- An index of publicly available and open-source threat detection rulesets.☆132Updated 8 months ago
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise☆67Updated last year
- Security Onion + Automation + Response Lab including n8n and Velociraptor☆112Updated 3 years ago
- Wazuh extension looking up alert data against indicators in OpenCTI threat intel☆22Updated last year
- Leveraging MISP indicators via a pDNS-based infrastructure as a poor man’s SOC.☆54Updated 2 months ago
- yara detection rules for hunting with the threathunting-keywords project☆156Updated 7 months ago
- Tools for Wazuh by Juan C. Tello☆15Updated 3 years ago
- ATT&CK Data Model (ADM): A TypeScript library for structured interaction with MITRE ATT&CK datasets. Uses Zod schemas, TypeScript types, …☆54Updated 2 weeks ago
- An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.☆60Updated 3 years ago
- A security analysis tool that identifies DNS queries made by browser extensions, empowering security teams to detect and investigate susp…☆185Updated 10 months ago
- MISP Playbooks☆222Updated 2 months ago
- OSSEM Data Dictionaries☆65Updated 11 months ago
- Sensor Mappings to ATT&CK is a collection of resources to assist cyber defenders with understanding which sensors and events can help det…☆50Updated 6 months ago
- Dettectinator - The Python library to your DeTT&CT YAML files.☆119Updated 8 months ago
- Wazuh integration TheHive☆41Updated 2 years ago
- VelociraptorMCP is a Model Context Protocol bridge for exposing LLMs to MCP clients.☆65Updated 4 months ago