Ee Outliers - Open-source framework to detect outliers in Elasticsearch events
Stars: ✭ 172 (+405.88%)
Siem - SIEM Tactics, Techniques, and Procedures
Stars: ✭ 157 (+361.76%)
Threathunting Spl - Splunk code (SPL) useful for serious threat hunters.
Stars: ✭ 117 (+244.12%)
SyntheticSun - A defense-in-depth security automation and monitoring framework that uses threat intelligence, machine learning, managed AWS security services and serverless technologies to continuously prevent, detect and respond to threats.
Stars: ✭ 49 (+44.12%)
S2AN - Mapper of Sigma/Suricata rules/signatures ➡️ MITRE ATT&CK Navigator
Stars: ✭ 70 (+105.88%)
TA-Sysmon-deploy - Deploy and maintain Sysmon through the Splunk Deployment Server
Stars: ✭ 31 (-8.82%)
Openuba - A robust and flexible open source User & Entity Behavior Analytics (UEBA) framework used for security analytics. Developed with luv by data scientists and security analysts from the cyber security industry. [PRE-ALPHA]
Stars: ✭ 127 (+273.53%)
Sentinel Attack - Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Stars: ✭ 676 (+1888.24%)
Meerkat - A collection of PowerShell modules designed for artifact gathering and reconnaissance of Windows-based endpoints.
Stars: ✭ 284 (+735.29%)
ansible-splunk-playbook - Install a full Splunk Enterprise cluster or Universal Forwarder using an Ansible playbook
Stars: ✭ 34 (+0%)
SIGMA-detection-rules - Set of Sigma rules (>250) mapped to MITRE ATT&CK tactics and techniques
Stars: ✭ 97 (+185.29%)
Kong-API-Manager - Kong API Manager with Prometheus and Graylog
Stars: ✭ 78 (+129.41%)
Attackdatamap - A data source assessment at the event level to show potential coverage of the MITRE ATT&CK framework
Stars: ✭ 264 (+676.47%)
Sigma - Generic Signature Format for SIEM Systems
Stars: ✭ 4,418 (+12894.12%)
thremulation-station - Small-scale threat emulation and detection range built on Elastic and Atomic Red Team.
Stars: ✭ 28 (-17.65%)
siembol - An open-source, real-time Security Information & Event Management tool based on big data technologies, providing a scalable, advanced security analytics framework.
Stars: ✭ 153 (+350%)
PANDA - PANDA: Adapting Pretrained Features for Anomaly Detection and Segmentation (CVPR 2021)
Stars: ✭ 64 (+88.24%)
sqhunter - A simple threat hunting tool based on osquery, Salt Open and the Cymon API
Stars: ✭ 64 (+88.24%)
kestrel-lang - Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel.
Stars: ✭ 165 (+385.29%)
splunk-hec-go - Splunk HTTP Event Collector (HEC) Golang library
Stars: ✭ 19 (-44.12%)
anomalib - An anomaly detection library comprising state-of-the-art algorithms and features such as experiment management, hyper-parameter optimization, and edge inference.
Stars: ✭ 1,210 (+3458.82%)
Meta-GDN AnomalyDetection - Implementation of TheWebConf 2021 "Few-shot Network Anomaly Detection via Cross-network Meta-learning"
Stars: ✭ 22 (-35.29%)
Scrummage - The Ultimate OSINT and Threat Hunting Framework
Stars: ✭ 355 (+944.12%)
deviation-network - Source code of the KDD19 paper "Deep anomaly detection with deviation networks"; weakly/partially supervised anomaly detection, few-shot anomaly detection
Stars: ✭ 94 (+176.47%)
ETWNetMonv3 - Simple C# code for monitoring TCP network connections via ETW. ETWProcessMon/2 monitors process/thread/memory/image-load/TCP-IP events via ETW and adds detection of remote-thread injection and in-memory payloads via VirtualMemAlloc events.
Stars: ✭ 32 (-5.88%)
YaraHunts - Random hunting-oriented YARA rules
Stars: ✭ 86 (+152.94%)
FARED for Anomaly Detection - Official source code of "Fast Adaptive RNN Encoder-Decoder for Anomaly Detection in SMD Assembly Machine"
Stars: ✭ 14 (-58.82%)
Automata - Automatic detection engineering technical state compliance
Stars: ✭ 33 (-2.94%)
vault-plugin-splunk - Vault plugin to securely manage Splunk admin accounts and password rotation
Stars: ✭ 23 (-32.35%)
XGBOD - Supplementary material for the IJCNN paper "XGBOD: Improving Supervised Outlier Detection with Unsupervised Representation Learning"
Stars: ✭ 59 (+73.53%)
TA-dmarc - Add-on for ingesting DMARC aggregate reports into Splunk
Stars: ✭ 14 (-58.82%)
PowerGRR - An API client library in PowerShell, working on Windows, Linux and macOS, for GRR automation and scripting.
Stars: ✭ 52 (+52.94%)
twitter-aws-comprehend - An app to analyze tweets using Amazon Comprehend's Sentiment Analysis service
Stars: ✭ 13 (-61.76%)
anomaly-seg - The Combined Anomalous Object Segmentation (CAOS) Benchmark
Stars: ✭ 115 (+238.24%)
MindMaps - #ThreatHunting #DFIR #Malware #Detection Mind Maps
Stars: ✭ 224 (+558.82%)
hassh-utils - Nmap NSE script and Docker image for HASSH, the SSH client/server fingerprinting method (https://github.com/salesforce/hassh)
Stars: ✭ 41 (+20.59%)
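As an added example, not code from hassh-utils or the HASSH project, the following Python shows what the fingerprint above is made of: it builds a constructed SSH_MSG_KEXINIT payload (RFC 4253 layout), parses the ten name-lists back out, and computes HASSH (client side) and hasshServer (server side) as the linked repository defines them: the MD5 of the KEX, encryption, MAC and compression name-lists for one direction, each list kept in on-the-wire comma-separated order and the four joined with ";". The algorithm names in the sample are assumed values chosen for illustration, not a capture.

```python
import hashlib
import struct

SSH_MSG_KEXINIT = 20

# The ten name-lists of SSH_MSG_KEXINIT, in wire order (RFC 4253 section 7.1).
KEXINIT_FIELDS = [
    "kex_algorithms",
    "server_host_key_algorithms",
    "encryption_algorithms_client_to_server",
    "encryption_algorithms_server_to_client",
    "mac_algorithms_client_to_server",
    "mac_algorithms_server_to_client",
    "compression_algorithms_client_to_server",
    "compression_algorithms_server_to_client",
    "languages_client_to_server",
    "languages_server_to_client",
]

# Constructed sample (assumed algorithm names, not a real client's capture).
SAMPLE_KEXINIT = {
    "kex_algorithms": ["curve25519-sha256", "ecdh-sha2-nistp256"],
    "server_host_key_algorithms": ["ssh-ed25519", "rsa-sha2-512"],
    "encryption_algorithms_client_to_server": ["chacha20-poly1305@openssh.com", "aes128-ctr"],
    "encryption_algorithms_server_to_client": ["aes256-gcm@openssh.com"],
    "mac_algorithms_client_to_server": ["hmac-sha2-256"],
    "mac_algorithms_server_to_client": ["hmac-sha2-512", "hmac-sha1"],
    "compression_algorithms_client_to_server": ["none"],
    "compression_algorithms_server_to_client": ["none", "zlib@openssh.com"],
    "languages_client_to_server": [],
    "languages_server_to_client": [],
}


def build_kexinit(lists, cookie=b"\x00" * 16):
    """Serialise name-lists into a KEXINIT payload (message byte, cookie,
    ten length-prefixed name-lists, first_kex_packet_follows, reserved)."""
    payload = bytes([SSH_MSG_KEXINIT]) + cookie
    for name in KEXINIT_FIELDS:
        body = ",".join(lists.get(name, [])).encode("ascii")
        payload += struct.pack(">I", len(body)) + body
    payload += b"\x00" + struct.pack(">I", 0)
    return payload


def parse_kexinit(payload):
    """Parse a KEXINIT payload back into {field: [algorithm, ...]}, bounds-checked."""
    if len(payload) < 17 or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not an SSH_MSG_KEXINIT payload")
    pos, lists = 17, {}  # skip message byte and 16-byte cookie
    for name in KEXINIT_FIELDS:
        if pos + 4 > len(payload):
            raise ValueError("truncated name-list length")
        (length,) = struct.unpack(">I", payload[pos:pos + 4])
        pos += 4
        if pos + length > len(payload):
            raise ValueError("truncated name-list body")
        raw = payload[pos:pos + length].decode("ascii")
        pos += length
        lists[name] = raw.split(",") if raw else []
    return lists


def hassh_input(lists, direction):
    """The string HASSH hashes: KEX;ENC;MAC;COMP name-lists for one direction."""
    fields = ["kex_algorithms",
              f"encryption_algorithms_{direction}",
              f"mac_algorithms_{direction}",
              f"compression_algorithms_{direction}"]
    return ";".join(",".join(lists[f]) for f in fields)


def hassh(lists):
    """Client fingerprint: md5 over the client_to_server selection."""
    return hashlib.md5(hassh_input(lists, "client_to_server").encode("ascii")).hexdigest()


def hassh_server(lists):
    """Server fingerprint: md5 over the server_to_client selection."""
    return hashlib.md5(hassh_input(lists, "server_to_client").encode("ascii")).hexdigest()


if __name__ == "__main__":
    parsed = parse_kexinit(build_kexinit(SAMPLE_KEXINIT))
    print("hassh       ", hassh(parsed))
    print("hasshServer ", hassh_server(parsed))
```

Because the hash covers the ordered lists as sent, a client that merely reorders its cipher preferences gets a different fingerprint; that is what makes HASSH useful for spotting a non-standard SSH client or a man-in-the-middle proxy sitting in front of a known server.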
traffic - A quick and dirty vehicle speed detector using video + anomaly detection
Stars: ✭ 21 (-38.24%)
tilitools - [ti]ny [li]ttle machine learning [tool]box: machine learning, anomaly detection, one-class classification, and structured output prediction
Stars: ✭ 40 (+17.65%)
RTFM - Official code for "Weakly-supervised Video Anomaly Detection with Robust Temporal Feature Magnitude Learning" [ICCV 2021]
Stars: ✭ 216 (+535.29%)
ailia-models - The collection of pre-trained, state-of-the-art AI models for ailia SDK
Stars: ✭ 1,102 (+3141.18%)
deviation-network-image - Official PyTorch implementation of the paper "Explainable Deep Few-shot Anomaly Detection with Deviation Networks"; weakly/partially supervised anomaly detection, few-shot anomaly detection, image defect detection.
Stars: ✭ 47 (+38.24%)
Anomaly Detection - Anomaly detection with anomalize and Google Trends data
Stars: ✭ 38 (+11.76%)
GDPatrol - A Lambda-powered security orchestration framework for AWS GuardDuty
Stars: ✭ 50 (+47.06%)
semantic logger - Semantic Logger is a feature-rich logging framework and replacement for existing Ruby & Rails loggers.
Stars: ✭ 730 (+2047.06%)