jamesspi

awesome-threat-detection

✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️

security-action-examples

This repository contains a few examples of actions that can be added to rules within Elastic Security.

protections-artifacts

Elastic Security detection content for Endpoint

RIP

soc-faker

A python package for use in generating fake data for SOC and security automation.

emulation-plans

A list of Mitre Caldera compatible emulation-plans

detection-rules

RE-iOS-Apps

A completely free, open source and online course about Reverse Engineering iOS Applications.

ecs-mapper

Translate an ECS mapping CSV to starter pipelines for Beats, Elasticsearch or Logstash

RTA

ThreatHunter-Playbook

A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.

ElasticTMDB

ElasticTMDB is a Python3 module which sources movie and TV show details from The Movie Database (TMDB) and caches them in an Elasticsearch index to speed up subsequent queries to the same title

wazuh

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

streisand

Streisand sets up a new server running your choice of WireGuard, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, sslh, Stunnel, or a Tor bridge. It also generates custom instructions for all of these services. At the end of the run you are given an HTML file with instructions that can be shared with friends, family members, and fellow activists.