mitre / human
Caldera plugin to deploy "humans" to emulate user behavior on systems
☆24 · Updated 4 months ago
Related projects:
- Automatic detection engineering technical state compliance ☆49 · Updated 2 months ago
- An elevated STIX representation of the MITRE ATT&CK Groups knowledge base ☆23 · Updated 2 years ago
- MasterParser is a simple, all-in-one, digital forensics artifact parser ☆23 · Updated 3 years ago
- MITRE Shield website ☆18 · Updated 2 years ago
- Automated detection rule analysis utility ☆29 · Updated last year
- ☆27 · Updated this week
- ☆10 · Updated 3 years ago
- Generic Signature Format for SIEM Systems ☆14 · Updated 2 years ago
- Threat Detection & Anomaly Detection rules for popular open-source components ☆49 · Updated 2 years ago
- Library of threat hunts to get any user started! ☆40 · Updated 4 years ago
- A CALDERA plugin ☆20 · Updated 7 months ago
- Repo of python/bash scripts for identifying IoCs in threat feeds and other online tools ☆26 · Updated 4 years ago
- Sharing Threat Hunting runbooks ☆24 · Updated 5 years ago
- Small-scale threat emulation and detection range built on Elastic and Atomic Red Team. ☆34 · Updated 9 months ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for… ☆32 · Updated 2 years ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities ☆51 · Updated 2 years ago
- This CALDERA Plugin converts Adversary Emulation Plans from the Center for Threat Informed Defense ☆29 · Updated 7 months ago
- Defensive Origins Training Schedule ☆35 · Updated 9 months ago
- BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review. ☆32 · Updated 4 years ago
- This repository hosts community contributed Kestrel huntflows (.hf) and huntbooks (.ipynb) ☆29 · Updated 8 months ago
- Expert Investigation Guides ☆50 · Updated 3 years ago
- Incident Response Network Tools ☆22 · Updated 3 years ago
- A CALDERA plugin ☆33 · Updated last month
- DNS Dashboard for hunting and identifying beaconing ☆14 · Updated 4 years ago
- Searches for Insider Threat Hunting ☆30 · Updated 5 years ago
- Collection of walkthroughs on various threat hunting techniques ☆73 · Updated 4 years ago
- Repository for SPEED SIEM Use Case Framework ☆52 · Updated 4 years ago
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique ☆64 · Updated 6 months ago
- A CALDERA plugin ☆24 · Updated last month
- This repository includes a mapping table and a reference process that allows converting between STIX 2.1 Course of Action objects that ma… ☆15 · Updated 2 years ago