|12 months ago||over 1 year ago|
|Jupyter Notebook||Jupyter Notebook|
|MIT License||GNU General Public License v3.0 only|
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Home Virtual SIEM Lab Suggestions?
2 projects | reddit.com/r/cybersecurity | 25 Jan 2023
HELK + Mordor combo https://github.com/Cyb3rWard0g/HELK
Threat hunting Playbooks
2 projects | reddit.com/r/cybersecurity | 23 Jan 2023
SOC with machine learning
4 projects | reddit.com/r/AskNetsec | 15 Nov 2022
On a side note - I somehow have the feeling that you are trying to recreate https://github.com/Cyb3rWard0g/HELK
Elastic for security
2 projects | reddit.com/r/elasticsearch | 7 Feb 2022
You can find tools that leverage ELK that aren't necessarily plugins. SIEM looks like it has some free component to it, too: https://github.com/Cyb3rWard0g/HELK https://www.elastic.co/blog/elastic-siem-free-open
Home lab with security monitoring tools?
2 projects | reddit.com/r/netsecstudents | 23 Sep 2021
HELK can help for the SIEM and detection part
What are some alternatives?
pfelk - pfSense/OPNsense + Elastic Stack
docker-elk - The Elastic stack (ELK) powered by Docker and Compose.
DetectionLab - Automate the creation of a lab environment complete with security tooling and logging best practices
Azure-Sentinel - Cloud-native SIEM for intelligent security analytics for your entire enterprise.
RedELK - Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
h4cker - This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
security-onion - Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management
jupyter2kibana - A Workflow for Data Scientists to bring Jupyter Notebook Visualizations to Kibana Dashboards
praeco - Elasticsearch alerting made simple.
go-stash - go-stash is a high performance, free and open source server-side data processing pipeline that ingests data from Kafka, processes it, and then sends it to ElasticSearch.
sigma - Main Rule Repository
Hunting-Queries-Detection-Rules - Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.