sandialabs / gait

Related projects ⓘ

Alternatives and complementary repositories for gait

• theparanoids / rdfp
  Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt
  ☆37Updated last year
• weslambert / securityonion-misp
  ☆34Updated 3 years ago
• vertexproject / synapse-quickstart
  Get started using Synapse Open-Source to start a Cortex and perform analysis within your area of expertise.
  ☆38Updated 2 years ago
• jshlbrd / threat-hunting-pocket-guide
  pocket guide for core threat hunting concepts
  ☆23Updated 4 years ago
• 0xThiebaut / sigmai
  Import specific data sources into the Sigma generic and open signature format.
  ☆77Updated 2 years ago
• ReconInfoSec / rhq
  Recon Hunt Queries
  ☆75Updated 3 years ago
• SecurityRiskAdvisors / dredd
  Automated detection rule analysis utility
  ☆29Updated 2 years ago
• corelight / threat-hunting-guide
  ☆46Updated 2 years ago
• johnfranolich / Hunting-Scripts
  A collection of hunting and blue team scripts. Mostly others, some my own.
  ☆38Updated last year
• Foundstone / ExpertInvestigationGuides
  Expert Investigation Guides
  ☆50Updated 3 years ago
• airbus-cert / Splunk-ETW
  A Splunk Technology Add-on to forward filtered ETW events.
  ☆30Updated 4 years ago
• thomaspatzke / sigma-workshop
  Elasticsearch/Kibana environment and log data for Sigma workshop
  ☆26Updated 4 years ago
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆50Updated 4 months ago
• MHaggis / app_splunk_sysmon_hunter
  Splunk App to assist Sysmon Threat Hunting
  ☆38Updated 7 years ago
• philhagen / for572-scripts
  A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis
  ☆23Updated 4 months ago
• swisscom / detections
  Threat intelligence and threat detection indicators (IOC, IOA)
  ☆53Updated 3 years ago
• Neo23x0 / ti-falsepositives
  A collection of typical false positive indicators
  ☆54Updated 3 years ago
• hm-seclab / YAFRA
  YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.
  ☆27Updated 2 years ago
• 00010111 / smbtimeline
  ☆31Updated 2 weeks ago
• micrictor / smbfp
  Zeek package to generate a SMB client fingerprint
  ☆26Updated 4 years ago
• aboutsecurity / jupyter-notebooks
  My Jupyter Notebooks
  ☆36Updated 7 months ago
• neu5ron / es_stk
  ☆13Updated 2 years ago
• da667 / AutoMISP
  automate your MISP installs
  ☆66Updated 4 years ago
• defensivedepth / Pertinax
  Integrating Sysinternals Autoruns’ logs into Security Onion
  ☆31Updated 8 months ago
• clausing / scripts
  ☆43Updated last month
• nidem / forgedpillow
  A tool to modify timestamps in a packet capture to a user selected date
  ☆31Updated 3 years ago
• olafhartong / TA-Sysmon-deploy
  Deploy and maintain Symon through the Splunk Deployment Sever
  ☆31Updated 4 years ago
• 0xtf / testmynids.org
  A website and framework for testing NIDS detection
  ☆56Updated 3 years ago
• HASecuritySolutions / LogCampaign
  Provides detection capabilities and log conversion to evtx or syslog capabilities
  ☆52Updated 2 years ago
• EmergingThreats / log4shell-detection
  ☆12Updated 2 years ago