{"id":13389606,"url":"https://github.com/0x783kb/Security-Operation-Book","last_synced_at":"2025-03-13T14:31:50.734Z","repository":{"id":39821826,"uuid":"196167890","full_name":"0x783kb/Security-Operation-Book","owner":"0x783kb","description":"常见的攻击行为监测特征及方法，涵盖端点和流量，未包含PowerShell和Sysmon。预祝运营生活愉快！","archived":false,"fork":false,"pushed_at":"2024-09-17T08:37:53.000Z","size":83337,"stargazers_count":608,"open_issues_count":0,"forks_count":140,"subscribers_count":24,"default_branch":"master","last_synced_at":"2024-10-29T16:58:14.282Z","etag":null,"topics":["attck","security","security-operation","soc","threat-hunting"],"latest_commit_sha":null,"homepage":"https://0x783kb.github.io/Security-Operation-Book/","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/0x783kb.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-07-10T08:44:30.000Z","updated_at":"2024-10-28T17:51:49.000Z","dependencies_parsed_at":"2023-11-15T10:30:07.161Z","dependency_job_id":"52f25b9e-aa2c-4e4c-8b32-8c9e78ee8a4a","html_url":"https://github.com/0x783kb/Security-Operation-Book","commit_stats":null,"previous_names":["12306bro/security-operation-book"],"tags_count":0,"template":true,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0x783kb%2FSecurity-Operation-Book","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0x783kb%2FSecurity-Operation-Book/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0x783kb%2FSecurity-Operation-Book/releases","manifests_url":"
https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0x783kb%2FSecurity-Operation-Book/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/0x783kb","download_url":"https://codeload.github.com/0x783kb/Security-Operation-Book/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243422560,"owners_count":20288481,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["attck","security","security-operation","soc","threat-hunting"],"created_at":"2024-07-30T13:01:22.686Z","updated_at":"2025-03-13T14:31:45.690Z","avatar_url":"https://github.com/0x783kb.png","language":null,"funding_links":[],"categories":["Others"],"sub_categories":[],"readme":"# Security-operation-book\n\n## 简介\n\nSecurity-operation-book目前已覆盖116个TID，353个技术点。主要涵盖Web、Windows AD、Linux，涉及ATT\u0026CK技术、模拟测试、检测思路、检测所需数据源等。\n\n![覆盖图](img/index.png)\n\n## 规则说明\n\nWeb_Attck检测规则为Suricata、Sigma两种格式，端点检测规则以Sigma格式为主。\n\n## stars\n\n![stars](https://starchart.cc/0x783kb/Security-operation-book.svg)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F0x783kb%2FSecurity-Operation-Book","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F0x783kb%2FSecurity-Operation-Book","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F0x783kb%2FSecurity-Operation-Book/lists"}