philhagen / sof-elkLinks
Configuration files for the SOF-ELK VM
☆1,685Updated last week
Alternatives and similar repositories for sof-elk
Users that are interested in sof-elk are comparing it to the libraries listed below
Sorting:
- An informational repo about hunting for adversaries in your IT environment.☆1,825Updated 3 years ago
- A Powershell incident response framework☆1,620Updated 2 years ago
- Re-play Security Events☆1,690Updated last year
- ☆2,346Updated 2 years ago
- Detect Tactics, Techniques & Combat Threats☆2,211Updated 2 weeks ago
- Incident Response Methodologies☆1,026Updated 7 years ago
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…☆2,509Updated last year
- Open Source Security Events Metadata (OSSEM)☆1,279Updated 2 years ago
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts☆1,167Updated 2 years ago
- A set of Zeek scripts to detect ATT&CK techniques.☆611Updated last year
- CyLR - Live Response Collection Tool☆693Updated 3 years ago
- Windows Events Attack Samples☆2,437Updated 2 years ago
- Cyber Analytics Repository☆964Updated 5 months ago
- A repository of sysmon configuration modules☆2,888Updated last year
- Your Everyday Threat Intelligence☆1,919Updated 2 months ago
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders☆945Updated 2 years ago
- Actionable analytics designed to combat threats☆1,002Updated 3 years ago
- Cortex: a Powerful Observable Analysis and Active Response Engine☆1,500Updated 3 months ago
- Super timeline all the things☆1,945Updated last week
- Simple Bash IOC Scanner☆762Updated 3 years ago
- Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsac…☆878Updated 4 years ago
- An information security preparedness tool to do adversarial simulation.☆1,138Updated 6 years ago
- Digital Forensics artifact repository☆1,166Updated 2 weeks ago
- CLI tool to manage a SIFT Install☆419Updated 2 years ago
- A repository for using windows event forwarding for incident detection and response☆1,286Updated last month
- A framework for developing alerting and detection strategies for incident response.☆801Updated last month
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.☆926Updated last year
- IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.☆1,092Updated this week
- A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data int…☆2,375Updated 2 weeks ago
- Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into …☆812Updated last year