An ELK environment containing interesting security datasets.
☆136May 11, 2020Updated 6 years ago
Alternatives and similar repositories for elk-detection-lab
Users that are interested in elk-detection-lab are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Import specific data sources into the Sigma generic and open signature format.☆79May 6, 2022Updated 4 years ago
- DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.☆572Dec 12, 2021Updated 4 years ago
- Resolvn Threat Hunting Virtual Machine☆138Aug 16, 2019Updated 6 years ago
- Elasticsearch/Kibana environment and log data for Sigma workshop☆27Dec 20, 2019Updated 6 years ago
- A command-line tool and Python library for parsing Windows Event Logs and importing the results into Elasticsearch.☆89Jun 2, 2026Updated 2 weeks ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- ☆14May 30, 2018Updated 8 years ago
- Automatic detection engineering technical state compliance☆55Jul 7, 2024Updated last year
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆111Feb 6, 2020Updated 6 years ago
- Blueteam operational triage registry hunting/forensic tool.☆148Sep 2, 2025Updated 9 months ago
- Automated Use Case Testing☆172May 1, 2018Updated 8 years ago
- Re-play Security Events☆1,771Mar 20, 2024Updated 2 years ago
- All-in-one bundle of MISP, TheHive and Cortex☆168Sep 27, 2022Updated 3 years ago
- Elemental - An ATT&CK Threat Library☆319Dec 8, 2022Updated 3 years ago
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆823May 30, 2026Updated 2 weeks ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Converts Sigma detection rules to a Splunk alert configuration.☆117May 18, 2020Updated 6 years ago
- Userland API monitor for threat hunting☆58Mar 4, 2020Updated 6 years ago
- Windows Events Attack Samples☆2,574Jan 24, 2023Updated 3 years ago
- Sigma Detection Rule Repository☆93Jun 18, 2020Updated 6 years ago
- Threat Box Assessment Tool☆19Mar 5, 2026Updated 3 months ago
- Utilities for MITRE™ ATT&CK☆1,052Jan 3, 2026Updated 5 months ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt☆40Jun 20, 2023Updated 2 years ago
- ☆20Oct 23, 2020Updated 5 years ago
- Misc Threat Hunting Resources☆379Jan 26, 2023Updated 3 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- An Active Defense and EDR software to empower Blue Teams☆1,332Mar 31, 2026Updated 2 months ago
- Stand-alone parser for User Access Logging from Server 2012 and newer systems☆80Jan 9, 2024Updated 2 years ago
- ☆350Mar 19, 2021Updated 5 years ago
- An extendable tool to extract and aggregate IoCs from threat feeds☆33Feb 6, 2024Updated 2 years ago
- Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets☆146Oct 12, 2020Updated 5 years ago
- Exporting MISP event attributes to yara rules usable with Thor apt scanner☆25Mar 27, 2017Updated 9 years ago
- Active Directory Purple Team Playbook☆116May 8, 2023Updated 3 years ago
- See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)☆109Feb 12, 2023Updated 3 years ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.☆943Dec 12, 2023Updated 2 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- Searches For Threat Hunting and Security Analytics☆239Mar 26, 2025Updated last year
- Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The…☆174Jun 10, 2021Updated 5 years ago
- Utilities for Sysmon☆1,647Apr 4, 2026Updated 2 months ago
- Open Source Security Events Metadata (OSSEM)☆1,298Feb 27, 2023Updated 3 years ago
- Python Remote Administration Tool☆15Jan 8, 2017Updated 9 years ago
- Building environments to replicate small networks and deploy applications☆335Jan 9, 2026Updated 5 months ago
- EventList☆379Mar 21, 2021Updated 5 years ago