detection-rules: Threat Detection & Anomaly Detection rules for popular open-source components
Stars: ✭ 34 (-70.94%)
Ee Outliers: Open-source framework to detect outliers in Elasticsearch events
Stars: ✭ 172 (+47.01%)
Sentinel Attack: Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Stars: ✭ 676 (+477.78%)
Siem: SIEM Tactics, Techniques, and Procedures
Stars: ✭ 157 (+34.19%)
Attackdatamap: A datasource assessment on an event level to show potential coverage of the MITRE ATT&CK framework
Stars: ✭ 264 (+125.64%)
Meerkat: A collection of PowerShell modules designed for artifact gathering and reconnaissance of Windows-based endpoints.
Stars: ✭ 284 (+142.74%)
Roulette: A text/template based rules engine
Stars: ✭ 32 (-72.65%)
Sysmon Modular: A repository of sysmon configuration modules
Stars: ✭ 1,229 (+950.43%)
Sysmontools: Utilities for Sysmon
Stars: ✭ 903 (+671.79%)
Rpot: Real-time Packet Observation Tool
Stars: ✭ 38 (-67.52%)
Teler: Real-time HTTP Intrusion Detection
Stars: ✭ 1,248 (+966.67%)
Besafe: BeSafe is a robust threat analyzer that helps protect your desktop environment and know what's happening around you
Stars: ✭ 21 (-82.05%)
Detections: This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant YARA rules and IDS signatures to detect these indicators.
Stars: ✭ 95 (-18.8%)
Android Udev Rules: Android udev rules list aimed to be the most comprehensive on the net
Stars: ✭ 810 (+592.31%)
Awesome Cybersecurity: Curated list of awesome cybersecurity companies and solutions.
Stars: ✭ 77 (-34.19%)
Bluespawn: An Active Defense and EDR software to empower Blue Teams
Stars: ✭ 737 (+529.91%)
Graylog2 Server: Free and open source log management
Stars: ✭ 5,952 (+4987.18%)
Patrowldocs: PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 105 (-10.26%)
Rules: Backup of my own Clash policy groups and rules, plus Subconverter-related resources
Stars: ✭ 94 (-19.66%)
Ultimateapplockerbypasslist: The goal of this repository is to document the most common techniques to bypass AppLocker.
Stars: ✭ 1,186 (+913.68%)
Auditd Attack: A Linux Auditd rule set mapped to MITRE's ATT&CK Framework
Stars: ✭ 642 (+448.72%)
Nzyme: Nzyme collects 802.11 management frames directly from the air and sends them to a Graylog (Open Source log management) setup for WiFi IDS, monitoring, and incident response. It only needs a JVM and a WiFi adapter that supports monitor mode.
Stars: ✭ 507 (+333.33%)
Malware Feed: Bringing you the best of the worst files on the Internet.
Stars: ✭ 69 (-41.03%)
Klara: Kaspersky's GReAT KLara
Stars: ✭ 565 (+382.91%)
Django Rules: Awesome Django authorization, without the database
Stars: ✭ 1,255 (+972.65%)
Beagle: Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
Stars: ✭ 976 (+734.19%)
Dovehawk: Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
Stars: ✭ 97 (-17.09%)
Siem From Scratch: SIEM-From-Scratch is a drop-in ELK based SIEM component for your Vagrant infosec lab
Stars: ✭ 31 (-73.5%)
Apullo: A scanner for taking basic fingerprints
Stars: ✭ 22 (-81.2%)
Rulerz: Powerful implementation of the Specification pattern in PHP
Stars: ✭ 827 (+606.84%)
Signature Base: Signature base for my scanner tools
Stars: ✭ 1,212 (+935.9%)
Threathunting: A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
Stars: ✭ 738 (+530.77%)
Rules: Generic Rules engine in golang
Stars: ✭ 96 (-17.95%)
Rules: No description, website, or topics provided.
Stars: ✭ 6,421 (+5388.03%)
Talr: Threat Alert Logic Repository
Stars: ✭ 76 (-35.04%)
Precept: A declarative programming framework
Stars: ✭ 621 (+430.77%)
Ioc Explorer: Explore Indicators of Compromise Automatically
Stars: ✭ 73 (-37.61%)
Event Forwarding Guidance: Configuration guidance for implementing collection of security-relevant Windows Event Log events by using Windows Event Forwarding. #nsacyber
Stars: ✭ 605 (+417.09%)
White Book: Documentation for the CNBlackListR project
Stars: ✭ 94 (-19.66%)
Rulebook: 100% Java, Lambda Enabled, Lightweight Rules Engine with a Simple and Intuitive DSL
Stars: ✭ 562 (+380.34%)
Security Apis: A collective list of public JSON APIs for use in security. Contributions welcome
Stars: ✭ 508 (+334.19%)
Fatt: FATT / fingerprintAllTheThings - a pyshark based script for extracting network metadata and fingerprints from pcap files and live network traffic
Stars: ✭ 490 (+318.8%)
Awesome Yara: A curated list of awesome YARA rules, tools, and people.
Stars: ✭ 1,394 (+1091.45%)
Threathunt: ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.
Stars: ✭ 92 (-21.37%)
Project Sauron: Tools to create a Native Windows Audit Collection Platform. Active Directory example provided
Stars: ✭ 58 (-50.43%)
Node Rules: Node-rules is a lightweight forward chaining rule engine written in JavaScript.
Stars: ✭ 481 (+311.11%)
Chn Iplist: Chnroutes rules for routers, Shadowrocket, Quantumult, Kitsunebi, acl, BifrostV, v2rayNG, v2rayN, clash, pac, Qv2ray, v2ray config file.
Stars: ✭ 469 (+300.85%)
Nrules.language: Business rules language for NRules rules engine.
Stars: ✭ 55 (-52.99%)
Rules: Stick Rules -- Quantumult X / Loon / ClashX Rules / Quantumult back to CN Rules
Stars: ✭ 458 (+291.45%)
Threatingestor: Extract and aggregate threat intelligence.
Stars: ✭ 439 (+275.21%)
Patrowlhears: PatrowlHears - Vulnerability Intelligence Center / Exploits
Stars: ✭ 89 (-23.93%)
Postcss At Rules Variables: PostCSS plugin to use CSS Custom Properties in at-rules @each, @for, @if, @else and more...
Stars: ✭ 52 (-55.56%)