EVTX-to-MITRE-Attack VS Purpleteam

Compare EVTX-to-MITRE-Attack vs Purpleteam and see what are their differences.

EVTX-to-MITRE-Attack

Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases. (by mdecrevoisier)
mitre-attack Siem evtx threat-hunting Redteam
Source Code
Suggest alternative
Edit details

Purpleteam

Purpleteam scripts simulation & Detection - trigger events for SOC detections (by mthcht)
Blueteam Detection Linux mitre-attack offensive-scripts purpleteam Redteam Security Siem Simulation soc Tactics techniques Windows Awesome awesome-list IoC threat-hunting threathunting detection-engineering
Source Code
Suggest alternative
Edit details
InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured
EVTX-to-MITRE-Attack Purpleteam
2 1
475 122
- -
3.7 7.8
about 2 months ago 10 days ago
PowerShell
Creative Commons Zero v1.0 Universal -
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

EVTX-to-MITRE-Attack

Posts with mentions or reviews of EVTX-to-MITRE-Attack. We have used some of these posts to build our list of alternatives and similar projects.
  • Mapping MITRE ATT&CK with Window Event Log IDs
    1 project | /r/netsecstudents | 19 May 2022
    Direct GitHub link bc ads. Like I commented last time I saw this project, I think it's a good starting point, but an important note: These mappings are 1:1. You should not limit your correlations to 1:1, but rather one ATT&CK term to many event IDs. Each technique can often be mapped to many, many different event IDs. And analysis / alerting on these events needs to be context aware, looking at other events before and after. When we approached this problem (mapping ATT&CK to detection logic) we realized there was almost never a scenario where event IDs could map 1:1 with the ATT&CK Matrix.
    1 project | /r/blueteamsec | 16 May 2022
    Source Github Link no ads.

Purpleteam

Posts with mentions or reviews of Purpleteam. We have used some of these posts to build our list of alternatives and similar projects.

What are some alternatives?

When comparing EVTX-to-MITRE-Attack and Purpleteam you can also consider the following projects:

evtx-hunter - evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.

MAL-CL - MAL-CL (Malicious Command-Line)

SIGMA-detection-rules - Set of SIGMA rules (>320) mapped to MITRE ATT&CK tactic and techniques

UltimateAppLockerByPassList - The goal of this repository is to document the most common techniques to bypass AppLocker.

SysmonConfigPusher - Pushes Sysmon Configs

awesome-lists - Security lists for SOC detections

EVTX-ATTACK-SAMPLES - Windows Events Attack Samples

chainsaw - Rapidly Search and Hunt through Windows Forensic Artefacts

macOS-ATTACK-DATASET - JSON DataSet for macOS mapped to MITRE ATT&CK Tactics.

ThreatHunting-Keywords - Awesome list of keywords and artifacts for Threat Hunting sessions

awesome-threat-detection - ✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️

EVTX-to-MITRE-Attack vs evtx-hunter Purpleteam vs MAL-CL EVTX-to-MITRE-Attack vs SIGMA-detection-rules Purpleteam vs UltimateAppLockerByPassList EVTX-to-MITRE-Attack vs SysmonConfigPusher Purpleteam vs awesome-lists EVTX-to-MITRE-Attack vs EVTX-ATTACK-SAMPLES Purpleteam vs chainsaw Purpleteam vs macOS-ATTACK-DATASET Purpleteam vs ThreatHunting-Keywords Purpleteam vs awesome-threat-detection