Ee Outliers: Open-source framework to detect outliers in Elasticsearch events
Stars: ✭ 172 (+405.88%)
Mutual labels: threat-hunting, siem, anomaly-detection
Threathunting Spl: Splunk code (SPL) useful for serious threat hunters.
Stars: ✭ 117 (+244.12%)
Mutual labels: threat-hunting, siem
S2AN: Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator
Stars: ✭ 70 (+105.88%)
Mutual labels: threat-hunting, sigma
Kong-API-Manager: Kong API Manager with Prometheus and Graylog
Stars: ✭ 78 (+129.41%)
Mutual labels: splunk, siem
Attackdatamap: A datasource assessment on an event level to show potential coverage of the MITRE ATT&CK framework
Stars: ✭ 264 (+676.47%)
Mutual labels: threat-hunting, siem
Meerkat: A collection of PowerShell modules designed for artifact gathering and reconnaissance of Windows-based endpoints.
Stars: ✭ 284 (+735.29%)
Mutual labels: threat-hunting, siem
Siem: SIEM Tactics, Techniques, and Procedures
Stars: ✭ 157 (+361.76%)
Mutual labels: threat-hunting, siem
SyntheticSun: SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and serverless technologies to continuously prevent, detect and respond to threats.
Stars: ✭ 49 (+44.12%)
Mutual labels: anomaly-detection, threat-detection
Sigma: Generic Signature Format for SIEM Systems
Stars: ✭ 4,418 (+12894.12%)
Mutual labels: splunk, siem
TA-Sysmon-deploy: Deploy and maintain Sysmon through the Splunk Deployment Server
Stars: ✭ 31 (-8.82%)
Mutual labels: splunk, threat-hunting
thremulation-station: Small-scale threat emulation and detection range built on Elastic and Atomic Red Team.
Stars: ✭ 28 (-17.65%)
Mutual labels: threat-hunting, threat-detection
blue-teaming-with-kql: Repository with sample KQL query examples for threat hunting
Stars: ✭ 102 (+200%)
Mutual labels: threat-hunting, siem
Threat-Hunting-and-Detection: Repository for threat hunting and detection queries, tools, etc.
Stars: ✭ 261 (+667.65%)
Mutual labels: threat-hunting, threat-detection
Sentinel Attack: Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Stars: ✭ 676 (+1888.24%)
Mutual labels: threat-hunting, siem
Openuba: A robust and flexible open source User & Entity Behavior Analytics (UEBA) framework used for security analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Industry. [PRE-ALPHA]
Stars: ✭ 127 (+273.53%)
Mutual labels: siem, anomaly-detection
Azure-Sentinel-4-SecOps: Microsoft Sentinel SOC Operations
Stars: ✭ 140 (+311.76%)
Mutual labels: threat-hunting, siem
ansible-splunk-playbook: Install a full Splunk Enterprise cluster or Universal Forwarder using an Ansible playbook
Stars: ✭ 34 (+0%)
Mutual labels: splunk, siem
SIGMA-detection-rules: Set of SIGMA rules (>250) mapped to MITRE ATT&CK tactics and techniques
Stars: ✭ 97 (+185.29%)
Mutual labels: threat-hunting, sigma
SysmonConfigPusher: Pushes Sysmon configs
Stars: ✭ 59 (+73.53%)
Mutual labels: threat-hunting, siem
splunk-hec-go: Splunk HTTP Event Collector (HEC) Golang library
Stars: ✭ 19 (-44.12%)
Mutual labels: splunk