ThreatHunting-Keywords
reversinglabs-siem-rules
ThreatHunting-Keywords | reversinglabs-siem-rules | |
---|---|---|
1 | 1 | |
338 | 58 | |
- | - | |
9.4 | 6.9 | |
8 days ago | 16 days ago | |
HTML | YARA | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
ThreatHunting-Keywords
-
List of offensive tools keywords for ThreatHunting
more information here: https://github.com/mthcht/ThreatHunting-Keywords
reversinglabs-siem-rules
What are some alternatives?
sysmon-config - Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events.
EVTX-ATTACK-SAMPLES - Windows Events Attack Samples
awesome-lists - Security lists for SOC detections
Open-Source-Security-Guide - Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.
Purpleteam - Purpleteam scripts simulation & Detection - trigger events for SOC detections
matano - Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
MurMurHash - This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
nzyme - Network Defense System.
MicrosoftSentinelStuff - Misc. content for Microsoft Sentinel
Wazuh - Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.