An open API service providing repository metadata for many open source software ecosystems.

Topic: "siem"

wazuh/wazuh

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

Language: C - Size: 434 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 12,523 - Forks: 1,852

SigmaHQ/sigma

Main Sigma Rule Repository

Language: Python - Size: 42.6 MB - Last synced at: 3 days ago - Pushed at: 4 days ago - Stars: 9,244 - Forks: 2,347

Graylog2/graylog2-server

Free and open log management

Language: Java - Size: 185 MB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 7,684 - Forks: 1,083

outflanknl/RedELK

Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.

Language: Python - Size: 42.7 MB - Last synced at: 3 days ago - Pushed at: 4 months ago - Stars: 2,464 - Forks: 378

mozilla/MozDef 📦

DEPRECATED - MozDef: Mozilla Enterprise Defense Platform

Language: Python - Size: 62.1 MB - Last synced at: 6 days ago - Pushed at: over 3 years ago - Stars: 2,168 - Forks: 328

mikeroyal/Digital-Forensics-Guide

Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.

Language: Python - Size: 367 KB - Last synced at: 9 days ago - Pushed at: over 1 year ago - Stars: 1,897 - Forks: 223

sherifabdlnaby/elastdocker

🐳 Elastic Stack (ELK) v8+ on Docker with Compose. Pre-configured out of the box to enable Logging, Metrics, APM, Alerting, ML, and SIEM features. Up with a Single Command.

Language: Dockerfile - Size: 145 KB - Last synced at: 11 days ago - Pushed at: 5 months ago - Stars: 1,877 - Forks: 323

matanolabs/matano

Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS

Language: Rust - Size: 11 MB - Last synced at: 4 days ago - Pushed at: 5 months ago - Stars: 1,559 - Forks: 111

cyb3rxp/awesome-soc

A collection of sources of documentation, as well as field best practices, to build/run a SOC

Size: 20.5 MB - Last synced at: 10 days ago - Pushed at: 10 days ago - Stars: 1,398 - Forks: 226

pfelk/pfelk

pfSense/OPNsense + Elastic Stack

Language: Shell - Size: 55.1 MB - Last synced at: 26 days ago - Pushed at: 4 months ago - Stars: 1,122 - Forks: 197

netevert/sentinel-attack

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

Size: 43 MB - Last synced at: 9 days ago - Pushed at: 6 months ago - Stars: 1,069 - Forks: 208

mthcht/awesome-lists

Awesome Security lists for SOC/CERT/CTI

Language: YARA - Size: 12.9 GB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 979 - Forks: 121

mikeroyal/Open-Source-Security-Guide

Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.

Language: Go - Size: 655 KB - Last synced at: 8 days ago - Pushed at: over 1 year ago - Stars: 965 - Forks: 86

jaegeral/security-apis

A collective list of public APIs for use in security. Contributions welcome

Size: 122 KB - Last synced at: 9 days ago - Pushed at: about 1 month ago - Stars: 923 - Forks: 137

nsacyber/Event-Forwarding-Guidance

Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsacyber

Language: PowerShell - Size: 140 KB - Last synced at: 2 months ago - Pushed at: over 4 years ago - Stars: 861 - Forks: 166

threathunters-io/laurel

Transform Linux Audit logs for SIEM usage

Language: Rust - Size: 693 KB - Last synced at: 23 days ago - Pushed at: 23 days ago - Stars: 763 - Forks: 63

ion-storm/sysmon-config Fork of SwiftOnSecurity/sysmon-config

Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events.

Language: PowerShell - Size: 1.56 MB - Last synced at: about 1 year ago - Pushed at: over 1 year ago - Stars: 752 - Forks: 141

cyber5k/mistborn

Mistborn is your own virtual private cloud platform and WebUI that manages self hosted services, and secures them with firewall, Wireguard VPN w/ PiHole-DNSCrypt, and IP filtering. Optional SIEM+IDS. Supports 2FA, Nextcloud, Jitsi, Home Assistant, +

Last synced at: about 2 months ago - Stars: 692 - Forks: 107

tenzir/tenzir

Tenzir is the data pipeline engine for security teams.

Language: C++ - Size: 2.16 GB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 676 - Forks: 97

runreveal/pql

Pipelined Query Language

Language: Go - Size: 215 KB - Last synced at: about 2 months ago - Pushed at: 5 months ago - Stars: 649 - Forks: 25

TonyPhipps/SIEM

SIEM Tactics, Techniques, and Procedures

Language: PowerShell - Size: 1.54 MB - Last synced at: 10 days ago - Pushed at: 10 days ago - Stars: 627 - Forks: 105

iknowjason/PurpleCloud

A little tool to play with Azure Identity - Azure and Entra ID lab creation tool. Blog: https://medium.com/@iknowjason/sentinel-for-purple-teaming-183b7df7a2f4

Language: Python - Size: 42.9 MB - Last synced at: 10 days ago - Pushed at: 2 months ago - Stars: 575 - Forks: 97

mthcht/ThreatHunting-Keywords

Awesome list of keywords and artifacts for Threat Hunting sessions

Language: PowerShell - Size: 209 MB - Last synced at: 27 days ago - Pushed at: about 1 month ago - Stars: 565 - Forks: 61

mdecrevoisier/EVTX-to-MITRE-Attack

Set of EVTX samples (>270) mapped to MITRE ATT&CK tactics and techniques to measure your SIEM coverage or develop new use cases.

Size: 2.97 MB - Last synced at: 7 months ago - Pushed at: 9 months ago - Stars: 526 - Forks: 87

tirrenotechnologies/tirreno

Monitor, analyze, and protect your web application from cyber fraud, account takeovers, fake accounts, bots, and abuse. Get started — free.

Language: PHP - Size: 2.59 MB - Last synced at: 2 days ago - Pushed at: about 1 month ago - Stars: 523 - Forks: 62

strontic/xcyclopedia

Encyclopedia for Executables

Language: PowerShell - Size: 173 MB - Last synced at: about 1 month ago - Pushed at: over 3 years ago - Stars: 439 - Forks: 47

defenxor/dsiem

Security event correlation engine for ELK stack

Language: Go - Size: 22.5 MB - Last synced at: 7 months ago - Pushed at: 11 months ago - Stars: 434 - Forks: 101

turbot/tailpipe

select * from logs; Tailpipe is an open source SIEM for instant log insights, powered by DuckDB. Analyze millions of events in seconds, right from your terminal.

Language: Go - Size: 40.3 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 433 - Forks: 9

GACWR/OpenUBA

A robust, and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Industry. [PRE-ALPHA]

Language: Python - Size: 20.6 MB - Last synced at: 8 days ago - Pushed at: about 1 year ago - Stars: 429 - Forks: 247

TonyPhipps/Meerkat

A collection of PowerShell modules designed for artifact gathering and reconnaissance of Windows-based endpoints.

Language: PowerShell - Size: 720 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 417 - Forks: 83

panther-labs/panther-analysis

Built-in Panther detection rules and policies

Language: Python - Size: 6.34 MB - Last synced at: 13 days ago - Pushed at: 13 days ago - Stars: 385 - Forks: 183

olafhartong/ATTACKdatamap

A datasource assessment on an event level to show potential coverage of the MITRE ATT&CK framework

Language: PowerShell - Size: 2.5 MB - Last synced at: 12 days ago - Pushed at: over 4 years ago - Stars: 352 - Forks: 64

utmstack/UTMStack

Enterprise-ready SIEM, SOAR and Compliance powered by real-time correlation and threat intelligence.

Language: Java - Size: 187 MB - Last synced at: 4 days ago - Pushed at: 5 days ago - Stars: 276 - Forks: 36

inodee/threathunting-spl

Splunk code (SPL) for serious threat hunters and detection engineers.

Size: 8.47 MB - Last synced at: 2 months ago - Pushed at: over 1 year ago - Stars: 273 - Forks: 41

n0dec/MalwLess

Test Blue Team detections without running any attack.

Language: C# - Size: 248 KB - Last synced at: 3 months ago - Pushed at: about 1 year ago - Stars: 272 - Forks: 58

eshlomo1/Microsoft-Sentinel-SecOps

Microsoft Sentinel SOC Operations

Language: PowerShell - Size: 6.96 MB - Last synced at: 12 days ago - Pushed at: 11 months ago - Stars: 254 - Forks: 66

beave/sagan

** README ** This repo has MOVED to https://github.com/quadrantsec/sagan

Size: 6.67 MB - Last synced at: over 1 year ago - Pushed at: over 4 years ago - Stars: 231 - Forks: 64

dogoncouch/LogESP

Open Source SIEM (Security Information and Event Management system).

Language: Python - Size: 2.34 MB - Last synced at: 12 days ago - Pushed at: almost 2 years ago - Stars: 211 - Forks: 67

NVISOsecurity/ee-outliers 📦

Open-source framework to detect outliers in Elasticsearch events

Language: Python - Size: 3.92 MB - Last synced at: 20 days ago - Pushed at: about 2 years ago - Stars: 209 - Forks: 33

ashwin-patil/blue-teaming-with-kql

Repository with Sample KQL Query examples for Threat Hunting

Size: 21.6 MB - Last synced at: about 2 months ago - Pushed at: over 2 years ago - Stars: 209 - Forks: 36

G-Research/siembol 📦

An open-source, real-time Security Information & Event Management tool based on big data technologies, providing a scalable, advanced security analytics framework.

Language: Java - Size: 13.5 MB - Last synced at: 18 days ago - Pushed at: about 2 months ago - Stars: 206 - Forks: 70

mthcht/Purpleteam

Purpleteam scripts simulation & Detection - trigger events for SOC detections

Language: PowerShell - Size: 39.5 MB - Last synced at: 27 days ago - Pushed at: 5 months ago - Stars: 185 - Forks: 19

Cargill/OpenSIEM-Logstash-Parsing

SIEM Logstash parsing for more than a hundred technologies

Language: Python - Size: 4.18 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 184 - Forks: 40

P4T12ICK/ypsilon

Automated Use Case Testing

Language: TeX - Size: 583 KB - Last synced at: 22 days ago - Pushed at: about 7 years ago - Stars: 167 - Forks: 16

someengineering/cloud-security-list

A list of cloud security tools and vendors.

Size: 271 KB - Last synced at: about 2 months ago - Pushed at: 9 months ago - Stars: 156 - Forks: 25

Annsec/awesome-cybersecurity

Curated list of awesome cybersecurity companies and solutions.

Size: 32.2 KB - Last synced at: 21 days ago - Pushed at: 12 months ago - Stars: 156 - Forks: 24

3CORESec/SIEGMA

SIEGMA - Transform Sigma rules into SIEM consumables

Language: Python - Size: 1.01 MB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 149 - Forks: 23

bgenev/impulse-xdr

Fully automated host & network intrusion detection platform. Detects malware from behavioural patterns rather than signatures and enables deeper visibility than legacy tools.

Language: Python - Size: 117 MB - Last synced at: 6 months ago - Pushed at: about 1 year ago - Stars: 124 - Forks: 6

ep3p/Sentinel_KQL

In this repository you may find KQL (Kusto Query Language) queries and Watchlist schemes for data sources related to Microsoft Sentinel (a SIEM tool).

Size: 3.75 MB - Last synced at: 9 days ago - Pushed at: 9 days ago - Stars: 123 - Forks: 24

CityBaseInc/SIAC 📦

SIAC is an enterprise SIEM built on open-source technology.

Size: 1.3 MB - Last synced at: 2 months ago - Pushed at: over 6 years ago - Stars: 114 - Forks: 21

UncoderIO/Roota

Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with standardized metadata and threat intelligence to enable automated translation into other languages

Size: 271 KB - Last synced at: 11 months ago - Pushed at: 11 months ago - Stars: 109 - Forks: 8

UncoderIO/Uncoder_IO

An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.

Language: Python - Size: 2.3 MB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 101 - Forks: 16

paulveillard/cybersecurity-SOAR

A collection of awesome framework, libraries, learning tutorials, videos, webcasts, technical resources and cool stuff about Security Orchestration, Automation and Response (SOAR).

Size: 324 KB - Last synced at: 2 months ago - Pushed at: over 2 years ago - Stars: 95 - Forks: 14

Kwangsa19/Ketmanto-Cybersecurity-Portfolio

I developed a rigorous cybersecurity project portfolio on mock clients covering NIST, audits, Linux, SQL, assets, threats, vulnerabilities, detection, incident response, escalation, Wireshark, tcpdump, IDS (Suricata), SIEM (Splunk, Chronicle), and Python automation.

Language: Jupyter Notebook - Size: 2.23 MB - Last synced at: 23 days ago - Pushed at: 23 days ago - Stars: 94 - Forks: 35

SecurityRiskAdvisors/TALR

Threat Alert Logic Repository

Language: Shell - Size: 2.36 MB - Last synced at: about 1 month ago - Pushed at: over 6 years ago - Stars: 92 - Forks: 18

ControlCompass/ControlCompass.github.io

Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques

Language: JavaScript - Size: 2.78 MB - Last synced at: over 2 years ago - Pushed at: over 2 years ago - Stars: 91 - Forks: 20

safernandez666/Kong-API-Manager

Kong API Manager with Prometheus And Graylog

Language: Python - Size: 86.2 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 90 - Forks: 41

zercurity/zercurity 📦

Manage, monitor and improve your cyber security posture.

Language: Shell - Size: 2.69 MB - Last synced at: about 2 months ago - Pushed at: about 2 years ago - Stars: 90 - Forks: 16

josh-morin/qradar

Unofficial third-party scripts, playbooks, and content for IBM QRadar & QRadar Community Edition.

Language: Python - Size: 1.05 MB - Last synced at: 24 days ago - Pushed at: 24 days ago - Stars: 82 - Forks: 21

northsh/detection.studio

Convert Sigma rules to SIEM queries, directly in your browser.

Language: Vue - Size: 5.32 MB - Last synced at: 11 days ago - Pushed at: 11 days ago - Stars: 80 - Forks: 2

0xThiebaut/sigmai

Import specific data sources into the Sigma generic and open signature format.

Language: Go - Size: 48.8 KB - Last synced at: 4 days ago - Pushed at: about 3 years ago - Stars: 78 - Forks: 5

skalogs/SkaETL

Open Source ETL designed for and dedicated to Log processing and transformation

Language: Java - Size: 27.5 MB - Last synced at: about 2 months ago - Pushed at: over 2 years ago - Stars: 69 - Forks: 29

russelltomkins/Project-Sauron

Tools to create a Native Windows Audit Collection Platform. Active Directory example provided

Language: PowerShell - Size: 66.4 KB - Last synced at: over 2 years ago - Pushed at: over 5 years ago - Stars: 68 - Forks: 19

LaresLLC/SysmonConfigPusher

Pushes Sysmon Configs

Language: C# - Size: 1.82 MB - Last synced at: about 2 years ago - Pushed at: almost 4 years ago - Stars: 61 - Forks: 5

tarsal-oss/kflowd

Kernel-based Process Monitoring on Linux Endpoints for File System, TCP and UDP Networking Events and optionally DNS, HTTP and SYSLOG Application Messages via eBPF Subsystem

Language: C - Size: 3.52 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 60 - Forks: 3

reversinglabs/reversinglabs-siem-rules

A collection of various SIEM rules relating to malware family groups.

Language: YARA - Size: 164 KB - Last synced at: 12 months ago - Pushed at: 12 months ago - Stars: 59 - Forks: 6

mthcht/ThreatHunting-Keywords-sigma-rules

Sigma detection rules for hunting with the threathunting-keywords project

Language: Python - Size: 176 MB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 54 - Forks: 7

azure-ad-b2c/siem

The repository contains artifacts to create and publish reports, alerts, and dashboards based on Azure AD B2C logs. These artifacts can also be used for Security Information & Event Management (SIEM) related tasks.

Size: 4.44 MB - Last synced at: 12 months ago - Pushed at: almost 2 years ago - Stars: 54 - Forks: 21

cylaris/awesomekql

Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs

Size: 163 KB - Last synced at: 24 days ago - Pushed at: almost 2 years ago - Stars: 53 - Forks: 5

Blumira/Logmira

Logmira by Blumira has been created by Amanda Berlin as a helpful download of Microsoft Windows Domain Group Policy Object settings.

Size: 118 KB - Last synced at: almost 2 years ago - Pushed at: about 2 years ago - Stars: 53 - Forks: 4

Truvis/CheatSheets

Collection of scripts, files, and tips to create and maintain networks, hack, and more!

Size: 193 KB - Last synced at: about 2 years ago - Pushed at: almost 4 years ago - Stars: 52 - Forks: 9

ansorren/GDPatrol 📦

A Lambda-powered Security Orchestration framework for AWS GuardDuty

Language: Python - Size: 12.7 KB - Last synced at: about 1 year ago - Pushed at: over 5 years ago - Stars: 51 - Forks: 16

Loginsoft-LLC/threat-detection-rules

Threat Detection & Anomaly Detection rules for popular open-source components

Size: 104 KB - Last synced at: 5 months ago - Pushed at: almost 3 years ago - Stars: 50 - Forks: 11

LogRhythm-Tools/LogRhythm.Tools

LogRhythm PowerShell Toolkit

Language: PowerShell - Size: 7.71 MB - Last synced at: 6 months ago - Pushed at: 6 months ago - Stars: 49 - Forks: 19

SEKOIA-IO/documentation

SEKOIA.IO Documentation - The Intelligence-Driven SaaS SIEM

Language: JavaScript - Size: 672 MB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 46 - Forks: 62

grafana/pySigma-backend-loki

pySigma backend for generating Grafana Loki/LogQL rules

Language: Python - Size: 846 KB - Last synced at: 6 days ago - Pushed at: about 1 month ago - Stars: 45 - Forks: 2

alias454/ansible-splunk-playbook

Install a full Splunk Enterprise Cluster or Universal forwarder using an ansible playbook

Language: Shell - Size: 105 KB - Last synced at: about 2 years ago - Pushed at: about 5 years ago - Stars: 41 - Forks: 27

dogoncouch/siemstress

Very basic CLI SIEM (Security Information and Event Management system).

Language: Python - Size: 1.55 MB - Last synced at: about 1 month ago - Pushed at: about 7 years ago - Stars: 39 - Forks: 7

dirtyfilthy/siem-from-scratch

SIEM-From-Scratch is a drop-in ELK based SIEM component for your Vagrant infosec lab

Language: Shell - Size: 122 KB - Last synced at: 6 months ago - Pushed at: almost 5 years ago - Stars: 37 - Forks: 5

jhochwald/Universal-Winlogbeat-configuration 📦

Universal Winlogbeat configuration

Size: 88.9 KB - Last synced at: 3 days ago - Pushed at: about 3 years ago - Stars: 33 - Forks: 5

akamai/uls

Unified Log Streamer (ULS)

Language: Python - Size: 1.34 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 32 - Forks: 10

SHolzhauer/elastic-tip

Elastic TIP is a Python tool which automates the process of aggregating Threat Intelligence and ingesting the intelligence in a common format into Elasticsearch, with the main goal of being used by the Security solution.

Language: Python - Size: 67.4 KB - Last synced at: 10 months ago - Pushed at: 10 months ago - Stars: 27 - Forks: 5

clayball/nector

A SIEM inspired by HECTOR, built on Django.

Language: Python - Size: 748 KB - Last synced at: 7 months ago - Pushed at: about 6 years ago - Stars: 27 - Forks: 9

u-siem/u-siem-core

Framework definitions that allow you to build a custom SIEM.

Language: Rust - Size: 1 MB - Last synced at: 22 days ago - Pushed at: 8 months ago - Stars: 26 - Forks: 7

zoldax/NHSuite

NHSuite allows users to efficiently manage their QRadar Network Hierarchy. Utilizing the provided QRadar API, users can seamlessly export, import, and fetch domain information in a CSV format.

Language: Python - Size: 42 KB - Last synced at: about 2 months ago - Pushed at: over 1 year ago - Stars: 26 - Forks: 2

karthikkbala/MISP-QRadar-Integration

The Project can be used to integrate QRadar with MISP Threat Sharing Platform

Language: Python - Size: 4.88 KB - Last synced at: about 2 years ago - Pushed at: about 3 years ago - Stars: 26 - Forks: 27

GenRockeR/mpsiemlib

MP SIEM SDK

Language: Python - Size: 6.6 MB - Last synced at: 21 days ago - Pushed at: 4 months ago - Stars: 25 - Forks: 16

DataTech-Solutions/Threat-Detection-and-Visualization

Threat Detection and Visualization

Language: TSQL - Size: 11.9 MB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 25 - Forks: 153

eshlomo1/CloudSec

Welcome to the Cloud Security Toolkit repository, your all-in-one destination for cutting-edge cloud security resources! Whether you're diving into offensive strategies, mastering threat hunting, or bolstering your blue-team defenses, this repo has you covered.

Language: PowerShell - Size: 881 KB - Last synced at: 24 days ago - Pushed at: 24 days ago - Stars: 24 - Forks: 3

akamai/cli-eaa

CLI for Enterprise Application Access (EAA)

Language: Python - Size: 552 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 24 - Forks: 7

ceramicskate0/SWELF

Simple Windows Event Log Forwarder (SWELF). It's an easy-to-use, simply-works log forwarder and EVTX parser. Almost in full release here at https://github.com/ceramicskate0/SWELF/releases/latest.

Language: C# - Size: 1.95 MB - Last synced at: about 1 month ago - Pushed at: almost 2 years ago - Stars: 24 - Forks: 7

binalyze/tigma

Sigma Engine implementation in TypeScript

Language: JavaScript - Size: 13 MB - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 24 - Forks: 2

xeraa/auditbeat-in-action

Demo for Elastic's Auditbeat and SIEM

Language: HCL - Size: 102 KB - Last synced at: about 2 months ago - Pushed at: almost 4 years ago - Stars: 24 - Forks: 6

DXC-0/SOC-Ressources

Repository for SOC analysts, queries to investigate, advanced hunting, sites for analysis, malware samples, courses to improve skills, IOC and monitoring.

Size: 34.2 MB - Last synced at: 16 days ago - Pushed at: 8 months ago - Stars: 22 - Forks: 5

operatorequals/Blue-Baron

Automate creating resilient, disposable, secure and agile monitoring infrastructure for Blue Teams.

Language: Python - Size: 1.76 MB - Last synced at: almost 2 years ago - Pushed at: over 2 years ago - Stars: 22 - Forks: 1

nicpenning/Nessus-ES Fork of iwikmai/Nessus-ES 📦

Ingest Nessus files into Elasticsearch using PowerShell!

Language: PowerShell - Size: 3.47 MB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 20 - Forks: 5

alexfrancow/iSOC

:bar_chart: Deploy an "illegal" SOC to manage vulnerabilities on your city servers in minutes.

Language: Jupyter Notebook - Size: 117 MB - Last synced at: about 2 months ago - Pushed at: over 2 years ago - Stars: 19 - Forks: 11

google/secops-wrapper

A helper SDK to wrap the Google SecOps API for common security use cases

Language: Python - Size: 329 KB - Last synced at: 12 days ago - Pushed at: 12 days ago - Stars: 18 - Forks: 11

AtlasInsideCorp/UTMStackCorrelationRules

UTMStack Correlation Engine Rules

Size: 48.5 MB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 18 - Forks: 13

austinsonger/Elastic-Security

Repo for Automations and other solutions for Elastic SIEM/Security.

Language: Shell - Size: 50.8 KB - Last synced at: about 2 months ago - Pushed at: almost 4 years ago - Stars: 18 - Forks: 4