quadrantsec / sagan-rules
☆28, updated last week
Related projects
Alternatives and complementary repositories for sagan-rules
- Threat Detection & Anomaly Detection rules for popular open-source components (☆50, updated 2 years ago)
- This code snippet retrieves Azure Sentinel rules that are mapped to MITRE ATT&CK Framework and generates the related MITRE D3FEND defense… (☆66, updated 3 years ago)
- OSSEM Data Dictionaries (☆59, updated 3 months ago)
- (no description) (☆61, updated this week)
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise (☆57, updated 6 months ago)
- A collection of tips for using MISP. (☆74, updated 7 months ago)
- Technical add-on for Splunk related to TheHive/Cortex from TheHive project (☆49, updated 3 weeks ago)
- Dettectinator - The Python library to your DeTT&CT YAML files. (☆104, updated 2 weeks ago)
- Collection of scripts provided for public use (☆31, updated last week)
- Library of threat hunts to get any user started! (☆40, updated 4 years ago)
- A community event for security researchers to share their favorite notebooks (☆106, updated 9 months ago)
- Anything Sysmon related from the MSTIC R&D team (☆146, updated 5 months ago)
- Run Velociraptor on Security Onion (☆34, updated 2 years ago)
- Convert Sigma rules to LogRhythm searches (☆19, updated 2 years ago)
- A Linux Auditd rule set mapped to MITRE's Attack Framework (☆89, updated last year)
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator (☆84, updated last year)
- SIEGMA - Transform Sigma rules into SIEM consumables (☆141, updated last year)
- The Sigma command line interface based on pySigma (☆136, updated 3 months ago)
- Convert Sigma rules to Wazuh rules (☆58, updated 7 months ago)
- (no description) (☆83, updated 3 months ago)
- OSSEM Detection Model (☆168, updated 2 years ago)
- This repository includes a mapping table and a reference process that allows converting between STIX 2.1 Course of Action objects that ma… (☆15, updated 2 years ago)
- A Ruleset to enhance detection capabilities of Ossec using Sysmon (☆87, updated 2 years ago)
- Import CrowdStrike Threat Intelligence into your instance of MISP (☆42, updated last month)
- pySigma Splunk backend (☆34, updated 7 months ago)
- Digital Forensics Artifacts Knowledge Base (☆75, updated 6 months ago)
- Evtx to Splunk ingestor (☆12, updated 2 years ago)
- (no description) (☆34, updated 3 years ago)
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique (☆65, updated 8 months ago)