Alternatives and similar repositories for multithreaded-exfil-detection

Users that are interested in multithreaded-exfil-detection are comparing it to the libraries listed below

• theparanoids / rdfp
  Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt
  ☆39Updated 2 years ago
• olafhartong / detection-sources
  ☆53Updated 6 years ago
• StamusNetworks / suricata-language-server
  Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…
  ☆72Updated last week
• corelight / detect-ransomware-filenames
  ☆17Updated 6 months ago
• socprime / socprime_sigma
  List of sigma for a variety of threats for multiple log sources.
  ☆12Updated 6 years ago
• olafhartong / sysmon-modular-linux
  A repository of Sysmon For Linux configuration modules
  ☆15Updated 3 years ago
• opencybersecurityalliance / kestrel-huntbook
  This repository hosts community contributed Kestrel huntflows (.hf) and huntbooks (.ipynb)
  ☆33Updated last year
• SecurityRiskAdvisors / dredd
  Automated detection rule analysis utility
  ☆29Updated 2 years ago
• OISF / suricata-intel-index
  Suricata rule and intel index
  ☆31Updated 3 months ago
• CIRCL / factual-rules-generator
  Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
  ☆76Updated 3 years ago
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆35Updated 2 years ago
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆55Updated 11 months ago
• 0xThiebaut / sigmai
  Import specific data sources into the Sigma generic and open signature format.
  ☆78Updated 3 years ago
• precurse / zeek-httpattacks
  This module detects HTTP requests that are non RFC compliant and used for smuggling
  ☆12Updated 2 years ago
• OTRF / openhunt
  ☆34Updated 4 years ago
• JohnLaTwC / Bluehat2018GraphWorkshop
  Bluehat 2018 Graphs for Security Workshop
  ☆42Updated 6 years ago
• intelforge / tmc
  Threat Mapping Catalogue
  ☆17Updated 3 years ago
• olafhartong / Presentations
  My conference presentations
  ☆66Updated last year
• BreakingMalwareResearch / YetiToElastic
  YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack
  ☆16Updated 4 years ago
• hxnoyd / ossem-power-up
  A tool to assess data quality, built on top of the awesome OSSEM.
  ☆78Updated 2 years ago
• corelight / zeek-community-id
  Zeek support for Community ID flow hashing.
  ☆35Updated last year
• mitre-attack / evals_caldera
  A CALDERA plugin for ATT&CK Evaluations Round 1
  ☆33Updated last year
• markuskont / pikksilm
  Look into EDR events from network
  ☆23Updated last month
• MISP / evtx-toolkit
  Tool to read EVTX files including SYSMON and convert to JSON, MISP Objects and Graph stream
  ☆11Updated 4 years ago
• TravisFSmith / mitre_attack
  ☆77Updated 4 years ago
• OTRF / infosec-jupyterthon
  A community event for security researchers to share their favorite notebooks
  ☆107Updated last year
• ninoseki / uzen
  Website crawler with YARA detection
  ☆88Updated last year
• thomaspatzke / sigma-workshop
  Elasticsearch/Kibana environment and log data for Sigma workshop
  ☆27Updated 5 years ago
• center-for-threat-informed-defense / attack_to_veris
  🚨ATTENTION🚨 The VERIS mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here …
  ☆71Updated last year
• haidermdost / Threat-Detection-Maturity-Framework
  ☆18Updated 3 years ago