quadrantsec / sagan-rules
☆29Updated this week
Alternatives and similar repositories for sagan-rules:
Users that are interested in sagan-rules are comparing it to the libraries listed below
- Threat Detection & Anomaly Detection rules for popular open-source components☆51Updated 2 years ago
- Open source endpoint agent providing host information to Zeek. [v2]☆77Updated 4 months ago
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise☆61Updated 10 months ago
- Import specific data sources into the Sigma generic and open signature format.☆77Updated 2 years ago
- Library of threat hunts to get any user started!☆42Updated 4 years ago
- A community event for security researchers to share their favorite notebooks☆107Updated last year
- OSSEM Data Dictionaries☆59Updated last month
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆108Updated 5 years ago
- Sigma Detection Rule Repository☆87Updated 4 years ago
- Sensor Mappings to ATT&CK is a collection of resources to assist cyber defenders with understanding which sensors and events can help det…☆49Updated 3 weeks ago
- Repository for SPEED SIEM Use Case Framework☆53Updated 4 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆34Updated 2 years ago
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator☆85Updated 2 years ago
- ☆67Updated 2 weeks ago
- A collection of tips for using MISP.☆74Updated 3 months ago
- ☆33Updated 4 months ago
- evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.☆151Updated 3 years ago
- The aim of this repository is to provide a list of examples of tools, sources and measures available to incident response teams☆58Updated 4 years ago
- This repository includes a mapping table and a reference process that allows converting between STIX 2.1 Course of Action objects that ma…☆16Updated 2 years ago
- OSSEM Detection Model☆176Updated 2 years ago
- Technical add-on for Splunk related to TheHive/Cortex from TheHive project☆53Updated last month
- Dettectinator - The Python library to your DeTT&CT YAML files.☆109Updated 2 months ago
- ☆51Updated 3 years ago
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…☆68Updated last month
- Zeek Extension to Collect Metadata for Profiling of Endpoints and Proxies☆27Updated 11 months ago
- Mapping NSM rules to MITRE ATT&CK☆70Updated 4 years ago
- Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.☆37Updated last year
- Convert Sigma rules to Wazuh rules☆63Updated 10 months ago
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…☆35Updated 3 weeks ago
- List of sigma for a variety of threats for multiple log sources.☆11Updated 6 years ago