Set of EVTX samples (>270) mapped to MITRE ATT&CK tactics and techniques ...
Security event correlation engine for ELK stack
A collection of PowerShell modules designed for artifact gathering and r...
Encyclopedia for Executables
A robust and flexible open source User & Entity Behavior Analytics (UEB...
A datasource assessment on an event level to show potential coverage or ...
Awesome list of keywords and artifacts for Threat Hunting sessions
Test Blue Team detections without running any attack.
Splunk code (SPL) for serious threat hunters and detection engineers.
** README ** This repo has MOVED to https://github.com/quadrantsec/sagan
Microsoft Sentinel SOC Operations
Open-source framework to detect outliers in Elasticsearch events
An open-source, real-time Security Information & Event Management tool b...
Repository with Sample KQL Query examples for Threat Hunting
Open Source SIEM (Security Information and Event Management system).