P4T12ICK's repositories
Sigma-Hunting-App
A Splunk App containing Sigma detection rules, which can be updated from a Git repository.
Sigma2SplunkAlert
Converts Sigma detection rules to a Splunk alert configuration.
Sigma-Rule-Repository
Sigma Detection Rule Repository
Splunk-Vulnerability-Scanner-App
Visualization of Nessus Vulnerability Scanner data in Splunk
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
BadBlood
BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is run on a domain, security analysts and engineers can practice using tools to gain an understanding of, and prescribe approaches to, securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.
DetectionLab
Vagrant & Packer scripts to build a lab environment complete with security tooling and logging best practices
repo-badges
:star: Use repo badges (build passing, coverage, etc) in your readme/markdown file to signal code quality in a project.
sigma
Generic Signature Format for SIEM Systems