utmstack / UTMStack
Customizable SIEM and XDR powered by Real-Time correlation and Threat Intelligence
☆208 · Updated this week
Related projects:
- SOCFortress CoPilot ☆188 · Updated this week
- A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and contr… ☆160 · Updated 3 weeks ago
- Catalyst is a self-hosted, open source incident response platform and ticket system that helps to automate alert handling and incident re… ☆326 · Updated last month
- MasterParser is a powerful DFIR tool designed for analyzing and parsing Linux logs ☆572 · Updated 3 months ago
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis… ☆145 · Updated last week
- Advanced Wazuh Rules for more accurate threat detection. Feel free to implement within your own Wazuh environment, contribute, or fork! ☆556 · Updated last week
- Linux Security and Monitoring Scripts ☆317 · Updated last year
- How to set up a honeypot with an IDS, ELK and TLS traffic inspection ☆150 · Updated 2 years ago
- Automation tool for Windows Deception Host Burn-In ☆71 · Updated 2 months ago
- OpenCTI Docker deployment helpers ☆153 · Updated this week
- This project is a SIEM with SIRP and Threat Intel, all in one. ☆404 · Updated 7 months ago
- A website and framework for testing NIDS detection ☆197 · Updated last month
- Useful scripts for those administering Wazuh ☆68 · Updated 3 weeks ago
- Rapidly Search and Hunt through Linux Forensics Artifacts ☆174 · Updated 8 months ago
- A production-ready Dockered MISP ☆138 · Updated this week
- LDAP Watchdog: A real-time Linux-compatible LDAP monitoring tool for detecting directory changes, providing visibility into additions, mo… ☆166 · Updated 8 months ago
- Open Breach and Attack Simulation Platform ☆469 · Updated this week
- Docker image for MISP ☆109 · Updated last week
- Awesome Incident Response ☆257 · Updated 5 months ago
- Leveraging MISP indicators via a pDNS-based infrastructure as a poor man's SOC. ☆48 · Updated 2 weeks ago
- 🤖 Admyral's Python SDK simplifies writing workflow automations for Security Engineers ☆259 · Updated this week
- Tools to integrate two great security tools, OPNsense and Wazuh ☆27 · Updated 3 years ago
- A standard for reducing log volume without sacrificing analytical capability ☆182 · Updated last year
- CLI program for automating the setup, configuration, and use of cybersecurity solutions ☆43 · Updated last year
- Docker image for Velocidex Velociraptor ☆112 · Updated 2 months ago
- A ruleset to enhance detection capabilities of OSSEC using Sysmon ☆83 · Updated 2 years ago
- Analyze pcaps with Zeek and a Grafana Dashboard ☆160 · Updated 3 months ago
- Pen Test Report Generation and Assessment Collaboration ☆413 · Updated 3 weeks ago
- A web application that allows users to check whether their SPF, DMARC and DKIM configuration is set up correctly. ☆132 · Updated last week
- Collaborative Incident Response platform ☆1,031 · Updated this week