estherios's starred repositories
Microsoft-365-Defender-Hunting-Queries
Sample queries for Advanced hunting in Microsoft 365 Defender
ThreatHunting
An informational repo about hunting for adversaries in your IT environment.
python-sigma
Python API for interacting with sigma rules.
Sigma-Hunting-App
A Splunk App containing Sigma detection rules, which can be updated from a Git repository.
TA-Sigma-Searches
A Splunk app with saved reports derived from Sigma rules
Sigma_rules
Sigma rules to share with the community
sigma-specification
Sigma rule specification
DomainPasswordSpray
DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the user list from the domain. BE VERY CAREFUL NOT TO LOCK OUT ACCOUNTS!
atomic-threat-coverage
Actionable analytics designed to combat threats
SOC-OpenSource
This is a project designed for security analysts and all SOC audiences who want to play with an implementation and explore the modern SOC architecture.
IBM-QRadar-Universal-Cloud-REST-API
These workflows are provided for sample usage, new submissions and updates from the community, and are NOT supported by IBM.
Sigma-Rules
Rules generated from our investigations.
CBR-Queries
Collection of useful, up-to-date Carbon Black Response queries
Hunting-Queries-Detection-Rules
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
russia-ukraine_IOCs
Russia / Ukraine 2022 conflict-related IOCs from the CERT Orange Cyberdefense Threat Intelligence Datalake
Sigma-Rules
A repository of my own Sigma detection rules.
Malware-EVTX
Collection of malware logs
EVTX-to-MITRE-Attack
Set of EVTX samples (>270) mapped to MITRE ATT&CK tactics and techniques to measure your SIEM coverage or develop new use cases.
Azure_Sentinel
Bulk-enable analytic rules in Azure Sentinel