Just Someone's repositories
Sigma-Hunting-App
A Splunk App containing Sigma detection rules, which can be updated from a Git repository.
ATTACK-Python-Client
Python Script to access ATT&CK content available in STIX via a public TAXII server
browser-history
A simple, zero-dependencies, developer-friendly Python package to retrieve web browser history
corona_virus
This project includes an app that allows users to visualize and analyze information about COVID-19 using data made publicly-available by Johns Hopkins University. For more information on legal disclaimers, please see the README.
docker-cuckoo
Cuckoo Sandbox Dockerfile
docker-moloch
A Docker container for Moloch based on minimal Debian
ldap-analyzer
Bro analyzer for LDAP write operations
malwoverview
Malwoverview is a first-response tool for performing an initial, quick triage of a directory containing malware samples, a specific malware sample, or suspect URLs and domains. Additionally, it allows users to download samples and submit them to the main online sandboxes.
PSSysmonTools
Sysmon Tools for PowerShell
sigma
Main Sigma Rule Repository
Sigma2SplunkAlert
Converts Sigma detection rules to a Splunk alert configuration.
sigma_python_toolbox
My toolbox scripts for Sigma
SLIPSDocker
Docker for Stratosphere Linux IPS
sysmon-config
Sysmon configuration file template with default high-quality event tracing
ThreatHunting
A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
uac
UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of system artifacts from AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems.
Zircolite
A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs