splunk / salo
Synthetic Adversarial Log Objects: A Framework for synthentic log generation
☆76Updated 8 months ago
Related projects: ⓘ
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique☆64Updated 6 months ago
- ☆83Updated 2 years ago
- A tool that allows you to document and assess any security automation in your SOC☆40Updated 4 months ago
- Recon Hunt Queries☆76Updated 3 years ago
- A community event for security researchers to share their favorite notebooks☆105Updated 7 months ago
- RRR (Rapid Response Reporting) is a collection of Incident Response Report objects. They are designed to help incident responders provid…☆36Updated 2 years ago
- Repository for SPEED SIEM Use Case Framework☆52Updated 4 years ago
- Python library for threat intelligence☆78Updated 2 months ago
- ☆101Updated this week
- A collection of tips for using MISP.☆74Updated 5 months ago
- Convert Sigma rules to LogRhythm searches☆19Updated 2 years ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆51Updated 2 years ago
- Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.☆34Updated 9 months ago
- ☆40Updated last year
- BulkStrike enables the usage of CrowdStrike Real Time Response (RTR) to bulk execute commands on multiple machines.☆41Updated last year
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation☆75Updated 3 months ago
- This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.☆93Updated 6 months ago
- ☆84Updated 3 months ago
- Full of public notes and Utilities☆81Updated 3 weeks ago
- ☆68Updated last year
- My Jupyter Notebooks☆36Updated 5 months ago
- Dettectinator - The Python library to your DeTT&CT YAML files.☆102Updated 3 weeks ago
- ☆28Updated last year
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements☆113Updated 9 months ago
- Incident Response Methodologies (IRM), also called Incident Playbook, based on the work done by the CERT Societe General☆23Updated 2 years ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆106Updated 4 years ago
- ☆41Updated 3 years ago
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise☆55Updated 4 months ago
- ☆50Updated last year
- Attack Range to test detection against nativel serverless cloud services and environments☆35Updated 3 years ago