mitre / human

Related projects: ⓘ

• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆49Updated 2 months ago
• cyentific-rni / SAG
  An elevated STIX representation of the MITRE ATT&CK Groups knowledge base
  ☆23Updated 2 years ago
• alwashmi / MasterParser
  MasterParser is a simple, all-in-one, digital forensics artifact parser
  ☆23Updated 3 years ago
• MITRECND / mitrecnd.github.io
  MITRE Shield website
  ☆18Updated 2 years ago
• SecurityRiskAdvisors / dredd
  Automated detection rule analysis utility
  ☆29Updated last year
• dnif / content
  ☆27Updated this week
• sans-blue-team / sec555-mdwiki-v1
  ☆10Updated 3 years ago
• OTRF / sigma
  Generic Signature Format for SIEM Systems
  ☆14Updated 2 years ago
• Loginsoft-Research / detection-rules
  Threat Detection & Anomaly Detection rules for popular open-source components
  ☆49Updated 2 years ago
• svch0stz / TheThreatHuntLibrary
  Library of threat hunts to get any user started!
  ☆40Updated 4 years ago
• mitre / access
  A CALDERA plugin
  ☆20Updated 7 months ago
• Hestat / soc-threat-hunting
  Repo of python/bash scripts for identifying IoC's in threat feed and other online tools
  ☆26Updated 4 years ago
• w8mej / ThreatPlays
  Sharing Threat Hunting runbooks
  ☆24Updated 5 years ago
• thremulation-station / thremulation-station
  Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.
  ☆34Updated 9 months ago
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆32Updated 2 years ago
• HASecuritySolutions / LogCampaign
  Provides detection capabilities and log conversion to evtx or syslog capabilities
  ☆51Updated 2 years ago
• mitre / emu
  This CALDERA Plugin converts Adversary Emulation Plans from the Center for Threat Informed Defense
  ☆29Updated 7 months ago
• DefensiveOrigins / Training
  Defensive Origins Training Schedule
  ☆35Updated 9 months ago
• tsale / BlueSploit
  BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review.
  ☆32Updated 4 years ago
• opencybersecurityalliance / kestrel-huntbook
  This repository hosts community contributed Kestrel huntflows (.hf) and huntbooks (.ipynb)
  ☆29Updated 8 months ago
• Foundstone / ExpertInvestigationGuides
  Expert Investigation Guides
  ☆50Updated 3 years ago
• CERT-Bund / IRNetTools
  Incident Response Network Tools
  ☆22Updated 3 years ago
• mitre / atomic
  A CALDERA plugin
  ☆33Updated last month
• corelight / Dashboards-Splunk-DNS-Hunting-Beaconing
  DNS Dashboard for hunting and identifying beaconing
  ☆14Updated 4 years ago
• randomuserid / Baltar
  Searches for Insider Threat Hunting
  ☆30Updated 5 years ago
• activecm / threat-hunting-labs
  Collection of walkthroughs on various threat hunting techniques
  ☆73Updated 4 years ago
• correlatedsecurity / SPEED-SIEM-Use-Case-Framework
  Repository for SPEED SIEM Use Case Framework
  ☆52Updated 4 years ago
• splunk / attack-detections-collector
  Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique
  ☆64Updated 6 months ago
• mitre / training
  A CALDERA plugin
  ☆24Updated last month
• cyentific-rni / security-playbook-stix-misp-exchange
  This repository includes a mapping table and a reference process that allows converting between STIX 2.1 Course of Action objects that ma…
  ☆15Updated 2 years ago