philhagen / sof-elkLinks
Configuration files for the SOF-ELK VM
☆1,590Updated last month
Alternatives and similar repositories for sof-elk
Users that are interested in sof-elk are comparing it to the libraries listed below
Sorting:
- A Powershell incident response framework☆1,603Updated 2 years ago
- ☆2,272Updated last year
- Windows Events Attack Samples☆2,365Updated 2 years ago
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…☆2,512Updated 10 months ago
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts☆1,156Updated last year
- Detect Tactics, Techniques & Combat Threats☆2,161Updated this week
- An informational repo about hunting for adversaries in your IT environment.☆1,785Updated 3 years ago
- Re-play Security Events☆1,647Updated last year
- A repository of sysmon configuration modules☆2,786Updated 9 months ago
- CyLR - Live Response Collection Tool☆680Updated 2 years ago
- A set of Zeek scripts to detect ATT&CK techniques.☆592Updated 11 months ago
- Open Source Security Events Metadata (OSSEM)☆1,266Updated 2 years ago
- Simple Bash IOC Scanner☆736Updated 3 years ago
- A repository for using windows event forwarding for incident detection and response☆1,260Updated 9 months ago
- An information security preparedness tool to do adversarial simulation.☆1,123Updated 6 years ago
- A toolset to make a system look as if it was the victim of an APT attack☆2,601Updated last year
- ☆1,073Updated 6 years ago
- Cyber Analytics Repository☆939Updated 2 weeks ago
- Your Everyday Threat Intelligence☆1,860Updated 3 weeks ago
- Cortex: a Powerful Observable Analysis and Active Response Engine☆1,429Updated 7 months ago
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders☆906Updated last year
- Incident Response Methodologies☆1,024Updated 6 years ago
- A framework for developing alerting and detection strategies for incident response.☆744Updated 3 years ago
- VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities a…☆1,476Updated 2 weeks ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.☆917Updated last year
- Actionable analytics designed to combat threats☆986Updated 3 years ago
- TrustedSec Sysinternals Sysmon Community Guide☆1,217Updated last year
- A collection of resources for Threat Hunters☆886Updated 7 months ago
- Super timeline all the things☆1,852Updated last week
- Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into …☆802Updated last year