Alternatives and similar repositories for ThreatHunting-Keywords-sigma-rules:

Users that are interested in ThreatHunting-Keywords-sigma-rules are comparing it to the libraries listed below

• svch0stz / velociraptor-detections
  ☆21Updated 2 years ago
• Sam0x90 / CB-Threat-Hunting
  CarbonBlack EDR detection rules and response actions
  ☆71Updated 6 months ago
• curated-intel / The-CTI-Research-Guide
  A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners
  ☆83Updated 4 months ago
• zolderio / misp-to-sentinel
  Azure function to insert MISP data in to Azure Sentinel
  ☆31Updated 2 years ago
• cudeso / proof-value-cti
  Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.
  ☆51Updated 4 months ago
• dfirence / ma-insights-xe
  User Feedback Space of #MitreAssistant
  ☆37Updated last year
• securityjoes / Crowdstrike-Deploy
  The ultimate solution for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.
  ☆22Updated 7 months ago
• DCScoder / ESXiTri
  ESXi Cyber Security Incident Response Script
  ☆23Updated 6 months ago
• svch0stz / TheThreatHuntLibrary
  Library of threat hunts to get any user started!
  ☆42Updated 4 years ago
• Bert-JanP / Domain-Response
  Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specificly designed to autom…
  ☆47Updated 11 months ago
• CTI-Driven / Microsoft-ASR-to-MITRE-ATTACK-Mapping-Project
  This project aims to bridge the gap between Microsoft Attack Surface Reduction (ASR) rules and MITRE ATT&CK by mapping ASR rules to their…
  ☆24Updated 4 months ago
• delivr-to / detections
  A home for detection content developed by the delivr.to team
  ☆67Updated last month
• M3NIX / sigmaio
  simple webapp for converting sigma rules into siem queries using the pySigma library
  ☆47Updated last year
• reversinglabs / reversinglabs-siem-rules
  A collection of various SIEM rules relating to malware family groups.
  ☆65Updated 9 months ago
• JouniMi / TheDFIRThing
  ☆23Updated 6 months ago
• magicsword-io / LOLBASline
  Baseline a Windows System against LOLBAS
  ☆25Updated 10 months ago
• blueteam0ps / det-eng-samples
  This repository contains sample log data that were collected after running adversary simulations in Microsoft 365
  ☆20Updated 5 months ago
• center-for-threat-informed-defense / summiting-the-pyramid
  Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…
  ☆36Updated last week
• MISP / SkillAegis
  SkillAegis is a platform to design, run, and monitor exercise scenarios, enhancing skills in applications like MISP and training users in…
  ☆26Updated last week
• SigmaHQ / pySigma-backend-splunk
  pySigma Splunk backend
  ☆36Updated last month
• stuxnet999 / volatility-binaries
  Contains compiled binaries of Volatility
  ☆33Updated 2 months ago
• cudeso / dfir-iris-misp-timesketch
  Scripts to integrate DFIR-IRIS, MISP and TimeSketch
  ☆34Updated 3 years ago
• openrelik / openrelik-deploy
  Tools and scripts to deploy and manage OpenRelik instances
  ☆13Updated 3 weeks ago
• darkquasar / AIMOD2
  Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…
  ☆86Updated last year
• Sam0x90 / CTI
  Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on
  ☆81Updated 10 months ago
• Neo23x0 / Talks
  Slides of my public talks
  ☆54Updated last year
• MHaggis / notes
  Full of public notes and Utilities
  ☆98Updated last month
• splunk / PEAK
  Security Content for the PEAK Threat Hunting Framework
  ☆28Updated last year