socfortress / iris-velociraptorartifact-module
IRIS Module to Run Any Velociraptor Artifact
☆11Updated last year
Related projects ⓘ
Alternatives and complementary repositories for iris-velociraptorartifact-module
- Playbooks for SOC Analysts☆144Updated last year
- A production ready Dockered MISP☆169Updated last week
- Docker image for Velocidex Velociraptor☆113Updated 4 months ago
- Set of SIGMA rules (>320) mapped to MITRE ATT&CK tactic and techniques☆310Updated 5 months ago
- SOCFortress CoPilot☆210Updated this week
- An opensource sigma conversion tool built using pysigma☆100Updated this week
- A Ruleset to enhance detection capabilities of Ossec using Sysmon☆87Updated 2 years ago
- A repository to share publicly available Velociraptor detection content☆119Updated this week
- Rules generated from our investigations.☆189Updated 3 weeks ago
- These are open source rules that can be utilized with QRadar to detect various types of threats in the environment.☆51Updated 5 years ago
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor…☆204Updated last year
- SentinelOne STAR Rules☆50Updated last year
- ☆33Updated last year
- ☆10Updated last year
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.☆131Updated this week
- Security Onion + Automation + Response Lab including n8n and Velociraptor☆105Updated 2 years ago
- Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.☆144Updated this week
- A curated repository of incident response playbooks☆63Updated last year
- Purpleteam scripts simulation & Detection - trigger events for SOC detections☆158Updated last week
- A repository of my own Sigma detection rules.☆156Updated 2 months ago
- Docker image for MISP☆115Updated this week
- 🏴☠️💰 Another Ransomware gang tracker☆157Updated this week
- MISP Playbooks☆174Updated last month
- Harness the power of Splunk for your investigations☆77Updated this week
- Repository of SentinelOne Deep Visibility queries.☆119Updated 3 years ago
- MISP to Sentinel integration☆60Updated this week
- OpenCTI Docker deployment helpers☆159Updated this week
- ☆50Updated 6 months ago
- LotL RMM☆99Updated this week
- Open Source Platform for storing, organizing, and searching documents related to cyber threats☆157Updated last year