salesforce / multithreaded-exfil-detection

Related projects ⓘ

Alternatives and complementary repositories for multithreaded-exfil-detection

• theparanoids / rdfp
  Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt
  ☆37Updated last year
• socprime / socprime_sigma
  List of sigma for a variety of threats for multiple log sources.
  ☆11Updated 6 years ago
• olafhartong / sysmon-modular-linux
  A repository of Sysmon For Linux configuration modules
  ☆15Updated 3 years ago
• StefanKelm / yara-rules
  Links to malware-related YARA rules
  ☆14Updated 2 years ago
• nettitude / PoshC2_IOCs
  A list of IOCs applicable to PoshC2
  ☆24Updated 4 years ago
• intelforge / tmc
  Threat Mapping Catalogue
  ☆17Updated 3 years ago
• sandialabs / gait
  Zeek Extension to Collect Metadata for Profiling of Endpoints and Proxies
  ☆25Updated 8 months ago
• JohnLaTwC / Bluehat2018GraphWorkshop
  Bluehat 2018 Graphs for Security Workshop
  ☆42Updated 6 years ago
• EmergingThreats / log4shell-detection
  ☆12Updated 2 years ago
• bro / bro-osquery
  Bro integration with osquery
  ☆15Updated last year
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆35Updated 2 years ago
• olafhartong / detection-sources
  ☆53Updated 5 years ago
• SecurityRiskAdvisors / dredd
  Automated detection rule analysis utility
  ☆29Updated 2 years ago
• mitre-attack / evals_caldera
  A CALDERA plugin for ATT&CK Evaluations Round 1
  ☆33Updated last year
• cyentific-rni / SAG
  An elevated STIX representation of the MITRE ATT&CK Groups knowledge base
  ☆23Updated 2 years ago
• mandiant / goauditparser
  ☆43Updated last year
• Cluster25 / detection
  Threat Detection Rules (Snort/Sigma/Yara)
  ☆13Updated 10 months ago
• hxnoyd / ossem-power-up
  A tool to assess data quality, built on top of the awesome OSSEM.
  ☆76Updated 2 years ago
• 0xThiebaut / sigmai
  Import specific data sources into the Sigma generic and open signature format.
  ☆77Updated 2 years ago
• philhagen / for572-scripts
  A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis
  ☆23Updated 4 months ago
• corelight / zerologon
  Zeek package to detect Zerologon
  ☆11Updated 3 years ago
• NVISOsecurity / nviso-cti
  ☆41Updated 7 months ago
• svch0stz / TheThreatHuntLibrary
  Library of threat hunts to get any user started!
  ☆40Updated 4 years ago
• CIRCL / factual-rules-generator
  Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
  ☆76Updated 2 years ago
• OTRF / SimuLand
  Cloud Templates and scripts to deploy mordor environments
  ☆127Updated 3 years ago
• markuskont / pikksilm
  Look into EDR events from network
  ☆23Updated 7 months ago
• BinaryDefense / beacon-fronting
  A simple command line program to help defender test their detections for network beacon patterns and domain fronting
  ☆65Updated 2 years ago
• cyentific-rni / security-playbook-stix-misp-exchange
  This repository includes a mapping table and a reference process that allows converting between STIX 2.1 Course of Action objects that ma…
  ☆15Updated 2 years ago