Kevin Branch's repositories
wazuh-tools
Useful scripts for those administering Wazuh
so-ntopng-installer
Script to install the latest stable ntopng from the official ntop repo, onto a Security Onion 14.04 or 16.04 sensor
wazuh-office365-audit-log-collector
Collector script for retrieving audit logs from the Office 365 API, with file or network/Graylog output.
Wazuh-Rules
Advanced Wazuh Rules for more accurate threat detection. Feel free to implement within your own Wazuh environment, contribute, or fork!
wazuh-training-files
Files for use during Wazuh training courses
AttackDetection
Attack Detection
elastalert2
ElastAlert 2 is a continuation of the original yelp/elastalert project. Pull requests are appreciated!
nsm_event_graph
Script to generate high level link graphs of Sguil database events on Security Onion server/standalone systems
sigma
Main Sigma Rule Repository
so-wazuh
Third-party Wazuh-related files for Security Onion
sysmon-config
Sysmon configuration file template with default high-quality event tracing
sysmon-modular
A repository of sysmon configuration modules
wazuh
Wazuh - Host and endpoint security
wazuh-documentation
Wazuh documentation
wazuh-modular
Wazuh Extended Modular Configuration Project
wazuh-ruleset
Wazuh - Ruleset
wazuh_google_rules
Some Wazuh Google Workspace rules