peasead / elastic-containerLinks
Stand up a simple Elastic container with Kibana, Fleet, and the Detection Engine
☆472Updated last month
Alternatives and similar repositories for elastic-container
Users that are interested in elastic-container are comparing it to the libraries listed below
Sorting:
- An automated Breach and Attack Simulation lab with terraform. Built for IaC stability, consistency, and speed.☆191Updated 11 months ago
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters …☆258Updated this week
- Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactic and techniques☆370Updated 5 months ago
- An opensource sigma conversion tool built using pysigma☆130Updated 2 weeks ago
- Automated YARA Rule Standardization and Quality Assurance Tool☆225Updated this week
- ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The …☆279Updated last year
- Repository of attack and defensive information for Business Email Compromise investigations☆256Updated last month
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor…☆256Updated 3 months ago
- Documentation and scripts to properly enable Windows event logs.☆618Updated last year
- LotL RMM☆208Updated last week
- This is a collection of threat detection rules / rules engines that I have come across.☆290Updated last year
- A repository to share publicly available Velociraptor detection content☆173Updated this week
- Jupyter Notebooks for the Blue Team☆144Updated 3 months ago
- A repository of my own Sigma detection rules.☆160Updated 9 months ago
- A collection of Splunk's Search Processing Language (SPL) for Threat Hunting with CrowdStrike Falcon☆206Updated 5 years ago
- Sysmon configuration file template with default high-quality event tracing☆489Updated last year
- The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C…☆252Updated last year
- Repository where I hold random detection and threat hunting queries that I come up with based on different sources of information (or eve…☆233Updated last week
- Collection of Event ID ressources useful for Digital Forensics and Incident Response☆617Updated last year
- Resources To Learn And Understand SIGMA Rules☆177Updated 2 years ago
- MISP Playbooks☆203Updated 2 weeks ago
- Awesome list of keywords and artifacts for Threat Hunting sessions☆583Updated 2 months ago
- Mapping of open-source detection rules and atomic tests.☆168Updated 5 months ago
- Awesome Incident Response☆273Updated last year
- MAD ATT&CK Defender: ATT&CK Adversary Emulation Repository☆117Updated 2 years ago
- Scripts for rapid Windows endpoint "tactical triage" and investigations with Velociraptor and KAPE☆146Updated 2 weeks ago
- A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as …☆393Updated 5 months ago
- An analytical challenge created to test junior analysts looking to try performing proactive and reactive cyber threat intelligence.☆196Updated 11 months ago
- Public Repo for Atomic Test Harness☆274Updated 2 months ago
- Repository of SentinelOne Deep Visibility queries.☆127Updated 3 years ago