Some common security detection rules and events
Repository of YARA rules made by Trellix ATR Team
DetectionLabELK is a fork from DetectionLab with ELK stack instead of Sp...
SIEM Tactics, Techniques, and Procedures
The Ultimate OSINT and Threat Hunting Framework
Clusters and elements to attach to MISP events or attributes (like threa...
Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques ...
This repository contains Open Source freely usable Threat Intel feeds th...
FCL (Fileless Command Lines) - Known command lines of fileless malicious...
Automatically created C2 Feeds
A repository of KQL queries focused on threat hunting and threat detecti...
Malware Sample Sources
A collection of PowerShell modules designed for artifact gathering and r...
戎码之眼 is a Windows threat monitoring tool based on the ATT&CK model; it effectively detects common unknown...
:wrench: Deploy customizable Active Directory labs in Azure - automatica...