Primary data pipelines for intrusion detection, security analytics and threat hunting
☆85 · Jan 9, 2022 · Updated 4 years ago
Alternatives and similar repositories for Tylium
Users that are interested in Tylium are comparing it to the libraries listed below
- Searches for Insider Threat Hunting ☆29 · May 2, 2019 · Updated 6 years ago
- Searches For Threat Hunting and Security Analytics ☆238 · Mar 26, 2025 · Updated 11 months ago
- ☆13 · Apr 8, 2022 · Updated 3 years ago
- ☆13 · Oct 7, 2019 · Updated 6 years ago
- ☆76 · Jun 5, 2018 · Updated 7 years ago
- Information about most important hunts which can be performed by Threat hunters while searching for any adversary/threats inside the orga… ☆15 · May 18, 2019 · Updated 6 years ago
- Repo containing docker-compose files and setup scripts without having to clone the individual reternal components ☆111 · Mar 25, 2021 · Updated 4 years ago
- Open Source Security Events Metadata (OSSEM) ☆1,289 · Feb 27, 2023 · Updated 3 years ago
- This repository was created to aid in the deployment/maintenance of the Sysmon service on a large number of computers. ☆83 · Mar 20, 2023 · Updated 3 years ago
- Ps1jacker is a tool for generating COM Hijacking payload. ☆60 · Feb 11, 2025 · Updated last year
- Identify common attack paths to get Domain Administrator ☆21 · Aug 20, 2019 · Updated 6 years ago
- Generate YARA rules for OOXML documents. ☆38 · Jun 1, 2023 · Updated 2 years ago
- Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux ☆506 · Oct 21, 2022 · Updated 3 years ago
- This is a repository from Adam Swan's and my presentation on Windows Logs Zero 2 Hero. ☆22 · Jan 30, 2018 · Updated 8 years ago
- ☆349 · Mar 19, 2021 · Updated 5 years ago
- Indices for courses in SANS' Network Security Operations curriculum ☆17 · Feb 5, 2016 · Updated 10 years ago
- A Web Self Service Application for Generating OpenC2 Commands ☆10 · Sep 26, 2019 · Updated 6 years ago
- Python Script to access ATT&CK content available in STIX via a public TAXII server ☆568 · Dec 19, 2025 · Updated 3 months ago
- Audix is a PowerShell tool to quickly configure the Windows Event Audit Policies for security monitoring ☆117 · Oct 14, 2025 · Updated 5 months ago
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts ☆1,174 · Jul 26, 2023 · Updated 2 years ago
- Monitor the textual data pasted into Windows clipboard ☆29 · Nov 4, 2018 · Updated 7 years ago
- Re-play Security Events ☆1,728 · Mar 20, 2024 · Updated 2 years ago
- Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK ☆1,080 · Nov 28, 2024 · Updated last year
- Zeek plugin to generate data on per-packet sizes and intervals ☆14 · Apr 21, 2020 · Updated 5 years ago
- Elemental - An ATT&CK Threat Library ☆318 · Dec 8, 2022 · Updated 3 years ago
- A datasource assessment on an event level to show potential coverage of the MITRE ATT&CK framework ☆356 · Nov 3, 2020 · Updated 5 years ago
- ☆15 · Aug 17, 2023 · Updated 2 years ago
- Osquery Management Server ☆115 · Aug 7, 2020 · Updated 5 years ago
- Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets ☆143 · Oct 12, 2020 · Updated 5 years ago
- CASCADE Server ☆274 · Dec 8, 2022 · Updated 3 years ago
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings ☆122 · Jul 12, 2021 · Updated 4 years ago
- ☆10 · Dec 28, 2015 · Updated 10 years ago
- Checks observables/IOCs in TheHive/Cortex against the MISP warninglists ☆14 · Dec 27, 2017 · Updated 8 years ago
- ☆14 · Feb 8, 2020 · Updated 6 years ago
- A testing framework for mail security and filtering solutions. ☆245 · Jul 24, 2023 · Updated 2 years ago
- Utilities for Sysmon ☆1,576 · Sep 21, 2025 · Updated 6 months ago
- malware-traffic-analysis.net PCAPs repository. ☆37 · Jun 9, 2016 · Updated 9 years ago
- Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsac… ☆882 · Nov 17, 2020 · Updated 5 years ago
- Sheepl: Creating realistic user behaviour for supporting tradecraft development within lab environments ☆401 · Feb 27, 2024 · Updated 2 years ago