Alternatives and similar repositories for multithreaded-exfil-detection:

Users that are interested in multithreaded-exfil-detection are comparing it to the libraries listed below

• olafhartong / detection-sources
  ☆53Updated 6 years ago
• theparanoids / rdfp
  Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt
  ☆39Updated last year
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆35Updated 2 years ago
• svch0stz / TheThreatHuntLibrary
  Library of threat hunts to get any user started!
  ☆42Updated 4 years ago
• 0xThiebaut / sigmai
  Import specific data sources into the Sigma generic and open signature format.
  ☆77Updated 2 years ago
• haidermdost / Threat-Detection-Maturity-Framework
  ☆18Updated 3 years ago
• Karneades / SigmaFilterCheck
  Check Sigma rules for easy-to-bypass whitelists to make them more robust (https://github.com/SigmaHQ/sigma)
  ☆15Updated 4 years ago
• EmergingThreats / log4shell-detection
  ☆12Updated 3 years ago
• mvelazc0 / attack2jira
  attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage
  ☆111Updated 2 years ago
• StamusNetworks / suricata-language-server
  Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…
  ☆69Updated 2 months ago
• intelforge / tmc
  Threat Mapping Catalogue
  ☆17Updated 3 years ago
• atc-project / react-navigator
  Web app that provides basic navigation and annotation of ATT&CK matrices
  ☆16Updated 4 years ago
• JohnLaTwC / Bluehat2018GraphWorkshop
  Bluehat 2018 Graphs for Security Workshop
  ☆42Updated 6 years ago
• corelight / detect-ransomware-filenames
  ☆16Updated 3 months ago
• StefanKelm / yara-rules
  Links to malware-related YARA rules
  ☆15Updated 2 years ago
• Javierop20 / joy2ja3
  Python tool for converting from joy format to JA3 format SSL/TLS hashes
  ☆11Updated 4 years ago
• olafhartong / Presentations
  My conference presentations
  ☆66Updated last year
• olafhartong / sysmon-modular-linux
  A repository of Sysmon For Linux configuration modules
  ☆15Updated 3 years ago
• BreakingMalwareResearch / YetiToElastic
  YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack
  ☆16Updated 4 years ago
• krakow2600 / atomic-threat-coverage
  The project was moved here https://github.com/atomic-threat-coverage/atomic-threat-coverage
  ☆24Updated 5 years ago
• ReconInfoSec / rhq
  Recon Hunt Queries
  ☆76Updated 3 years ago
• hxnoyd / ossem-power-up
  A tool to assess data quality, built on top of the awesome OSSEM.
  ☆77Updated 2 years ago
• philhagen / for572-scripts
  A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis
  ☆26Updated 3 months ago
• Loginsoft-LLC / threat-detection-rules
  Threat Detection & Anomaly Detection rules for popular open-source components
  ☆51Updated 2 years ago
• TravisFSmith / mitre_attack
  ☆78Updated 4 years ago
• salesforce / bro-sysmon
  How to Zeek Sysmon Logs!
  ☆101Updated 3 years ago
• cyware-labs / Threat-Response-Docker
  ☆42Updated 2 years ago
• markuskont / pikksilm
  Look into EDR events from network
  ☆23Updated 11 months ago
• BinaryDefense / beacon-fronting
  A simple command line program to help defender test their detections for network beacon patterns and domain fronting
  ☆69Updated 3 years ago
• cyentific-rni / security-playbook-stix-misp-exchange
  This repository includes a mapping table and a reference process that allows converting between STIX 2.1 Course of Action objects that ma…
  ☆16Updated 2 years ago