metalek's repositories
BF-ELK
Burnham Forensics ELK Deployment Files
GPL-3.0000
Language:PowerShellGPL-3.0000
evt2sigma
Log Entry to Sigma Rule Converter
Language:PythonLGPL-3.0000
Fenrir
Simple Bash IOC Scanner
Language:ShellMIT000
fg_log_parser
Fortigate Log Parser
Language:Python000
Loki
Loki - Simple IOC and Incident Response Scanner
Language:PythonGPL-3.0000
munin
Online hash checker for Virustotal and other services
Language:PythonApache-2.0000
osquery-configuration
A repository for using osquery for incident detection and response
NOASSERTION000
sigma
Generic Signature Format for SIEM Systems
Language:Python000
sysmon-config
Sysmon configuration file template with default high-quality event tracing
000
sysmon-dfir
Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.
GPL-3.0000
SysmonHunter
An easy ATT&CK-based Sysmon hunting tool, showing in Blackhat USA 2019 Arsenal
MIT000
windows-event-forwarding
A repository for using windows event forwarding for incident detection and response
NOASSERTION000