quadrantsec / sagan-rules

Related projects: ⓘ

• Loginsoft-Research / detection-rules
  Threat Detection & Anomaly Detection rules for popular open-source components
  ☆49Updated 2 years ago
• 0xThiebaut / sigmai
  Import specific data sources into the Sigma generic and open signature format.
  ☆77Updated 2 years ago
• Shuffle / workflows
  Workflows for Shuffle
  ☆20Updated last year
• mitre / engage
  MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements.
  ☆59Updated 5 months ago
• LetMeR00t / TA-thehive-cortex
  Technical add-on for Splunk related to TheHive/Cortex from TheHive project
  ☆47Updated 2 months ago
• weslambert / securityonion-misp
  ☆34Updated 3 years ago
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆32Updated 2 years ago
• bfuzzy1 / auditd-attack
  A Linux Auditd rule set mapped to MITRE's Attack Framework
  ☆87Updated 11 months ago
• SanWieb / sigWah
  A Sigma to Wazuh / OSSEC converter including a generated Windows Sysmon ruleset
  ☆33Updated 4 years ago
• corelight / threat-hunting-guide
  ☆43Updated 2 years ago
• corelight / zeek-long-connections
  Zeek package for tracking long connections to report them before they have completed.
  ☆28Updated 2 years ago
• SecurityRiskAdvisors / dredd
  Automated detection rule analysis utility
  ☆29Updated last year
• correlatedsecurity / SPEED-SIEM-Use-Case-Framework
  Repository for SPEED SIEM Use Case Framework
  ☆52Updated 4 years ago
• west-wind / Threat-Hunting-With-Splunk
  Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise
  ☆55Updated 4 months ago
• 3CORESec / S2AN
  S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator
  ☆83Updated last year
• P4T12ICK / Sigma-Rule-Repository
  Sigma Detection Rule Repository
  ☆84Updated 4 years ago
• center-for-threat-informed-defense / sightings_ecosystem
  Sightings Ecosystem gives cyber defenders visibility into what adversaries actually do in the wild. With your help, we are tracking MITRE…
  ☆33Updated 5 months ago
• P4T12ICK / Sigma-Hunting-App
  A Splunk App containing Sigma detection rules, which can be updated from a Git repository.
  ☆106Updated 4 years ago
• theflakes / sigma_to_wazuh
  Convert Sigma rules to Wazuh rules
  ☆55Updated 5 months ago
• amuehlem / MISP-RPM
  RPM packages for MISP
  ☆32Updated 2 weeks ago
• 0xtf / testmynids.org
  A website and framework for testing NIDS detection
  ☆56Updated 3 years ago
• enisaeu / IRtools
  The aim of this repository is to provide a list of examples of tools, sources and measures available to incident response teams
  ☆58Updated 4 years ago
• swisscom / detections
  Threat intelligence and threat detection indicators (IOC, IOA)
  ☆51Updated 3 years ago
• weslambert / securityonion-velociraptor
  Run Velociraptor on Security Onion
  ☆34Updated 2 years ago
• HKcyberstark / wazuh-ecs
  Parse wazuh[HIDS] alerts into ECS mapping using Filebeat
  ☆27Updated 4 years ago
• ReconInfoSec / rhq
  Recon Hunt Queries
  ☆76Updated 3 years ago
• svch0stz / TheThreatHuntLibrary
  Library of threat hunts to get any user started!
  ☆40Updated 4 years ago
• cudeso / misp-tip-of-the-week
  A collection of tips for using MISP.
  ☆74Updated 5 months ago
• OTRF / infosec-jupyterthon
  A community event for security researchers to share their favorite notebooks
  ☆105Updated 7 months ago
• sametsazak / sysmon
  Sysmon and wazuh integration with Sigma sysmon rules [updated]
  ☆60Updated 3 years ago