An ELK environment containing interesting security datasets.
☆136May 11, 2020Updated 5 years ago
Alternatives and similar repositories for elk-detection-lab
Users that are interested in elk-detection-lab are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Import specific data sources into the Sigma generic and open signature format.☆79May 6, 2022Updated 4 years ago
- DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.☆573Dec 12, 2021Updated 4 years ago
- Resolvn Threat Hunting Virtual Machine☆138Aug 16, 2019Updated 6 years ago
- Elasticsearch/Kibana environment and log data for Sigma workshop☆27Dec 20, 2019Updated 6 years ago
- A fast library for parsing and importing Windows Event Logs into Elasticsearch.☆88Apr 14, 2026Updated 3 weeks ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- ☆14May 30, 2018Updated 7 years ago
- Automatic detection engineering technical state compliance☆55Jul 7, 2024Updated last year
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆111Feb 6, 2020Updated 6 years ago
- Blueteam operational triage registry hunting/forensic tool.☆148Sep 2, 2025Updated 8 months ago
- Automated Use Case Testing☆171May 1, 2018Updated 8 years ago
- Re-play Security Events☆1,746Mar 20, 2024Updated 2 years ago
- All-in-one bundle of MISP, TheHive and Cortex☆168Sep 27, 2022Updated 3 years ago
- Elemental - An ATT&CK Threat Library☆319Dec 8, 2022Updated 3 years ago
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆806Apr 6, 2026Updated last month
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Converts Sigma detection rules to a Splunk alert configuration.☆116May 18, 2020Updated 5 years ago
- Userland API monitor for threat hunting☆58Mar 4, 2020Updated 6 years ago
- Windows Events Attack Samples☆2,554Jan 24, 2023Updated 3 years ago
- Sigma Detection Rule Repository☆93Jun 18, 2020Updated 5 years ago
- Threat Box Assessment Tool☆19Mar 5, 2026Updated 2 months ago
- Utilities for MITRE™ ATT&CK☆1,051Jan 3, 2026Updated 4 months ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt☆40Jun 20, 2023Updated 2 years ago
- ☆20Oct 23, 2020Updated 5 years ago
- Misc Threat Hunting Resources☆378Jan 26, 2023Updated 3 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- An Active Defense and EDR software to empower Blue Teams☆1,328Mar 31, 2026Updated last month
- Stand-alone parser for User Access Logging from Server 2012 and newer systems☆80Jan 9, 2024Updated 2 years ago
- ☆350Mar 19, 2021Updated 5 years ago
- An extendable tool to extract and aggregate IoCs from threat feeds☆33Feb 6, 2024Updated 2 years ago
- Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets☆145Oct 12, 2020Updated 5 years ago
- Exporting MISP event attributes to yara rules usable with Thor apt scanner☆25Mar 27, 2017Updated 9 years ago
- Active Directory Purple Team Playbook☆116May 8, 2023Updated 3 years ago
- See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)☆109Feb 12, 2023Updated 3 years ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.☆939Dec 12, 2023Updated 2 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Searches For Threat Hunting and Security Analytics☆239Mar 26, 2025Updated last year
- Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The…☆174Jun 10, 2021Updated 4 years ago
- Utilities for Sysmon☆1,638Apr 4, 2026Updated last month
- Open Source Security Events Metadata (OSSEM)☆1,293Feb 27, 2023Updated 3 years ago
- Python Remote Administration Tool☆15Jan 8, 2017Updated 9 years ago
- Building environments to replicate small networks and deploy applications☆333Jan 9, 2026Updated 4 months ago
- EventList☆379Mar 21, 2021Updated 5 years ago