socfortress / iris-velociraptorartifact-module
IRIS Module to Run Any Velociraptor Artifact
☆11Updated last year
Related projects ⓘ
Alternatives and complementary repositories for iris-velociraptorartifact-module
- Playbooks for SOC Analysts☆143Updated last year
- A production ready Dockered MISP☆166Updated this week
- Docker image for Velocidex Velociraptor☆113Updated 4 months ago
- SOCFortress CoPilot☆210Updated this week
- A repository to share publicly available Velociraptor detection content☆119Updated this week
- Set of SIGMA rules (>320) mapped to MITRE ATT&CK tactic and techniques☆306Updated 5 months ago
- A Ruleset to enhance detection capabilities of Ossec using Sysmon☆86Updated 2 years ago
- Rules generated from our investigations.☆188Updated 2 weeks ago
- SentinelOne STAR Rules☆50Updated last year
- These are open source rules that can be utilized with QRadar to detect various types of threats in the environment.☆51Updated 5 years ago
- An opensource sigma conversion tool built using pysigma☆95Updated this week
- ☆49Updated 5 months ago
- A collection of files with indicators supporting social media posts from Palo Alto Network's Unit 42 team to disseminate timely threat in…☆195Updated this week
- Tools and Techniques for Blue Team / Incident Response☆22Updated last year
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor…☆202Updated last year
- Signatures and IoCs from public Volexity blog posts.☆315Updated 3 months ago
- This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.☆94Updated last year
- ☆10Updated last year
- Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques☆123Updated 8 months ago
- Purpleteam scripts simulation & Detection - trigger events for SOC detections☆157Updated this week
- Repository of SentinelOne Deep Visibility queries.☆118Updated 3 years ago
- A repository of my own Sigma detection rules.☆156Updated 2 months ago
- Advanced Wazuh Rules for more accurate threat detection. Feel free to implement within your own Wazuh environment, contribute, or fork!☆594Updated 2 months ago
- This project is a SIEM with SIRP and Threat Intel, all in one.☆410Updated 9 months ago
- MISP Playbooks☆174Updated 3 weeks ago
- Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.☆143Updated this week
- Security Onion + Automation + Response Lab including n8n and Velociraptor☆105Updated 2 years ago
- Threat Hunting Toolkit is a Swiss Army knife for threat hunting, log processing, and security-focused data science☆122Updated last week
- Harness the power of Splunk for your investigations☆76Updated 2 weeks ago
- Takajō (鷹匠) is a Hayabusa results analyzer.☆89Updated this week