Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
Projects in Awesome Lists tagged with siem
A curated list of projects in awesome lists tagged with siem.
https://github.com/wazuh/wazuh
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
cloud-security compliance configuration-assessement container-security cybersecurity file-integrity-monitoring incident-response infosec log-analysis malware-detection pci-dss security security-audit security-automation security-hardening security-tools siem vulnerability-detection wazuh xdr
Last synced: 17 Dec 2024
https://github.com/sigmahq/sigma
Main Sigma Rule Repository
elasticsearch ids logging monitoring security siem signatures splunk sysmon
Last synced: 16 Dec 2024
https://github.com/SigmaHQ/sigma
Main Sigma Rule Repository
elasticsearch ids logging monitoring security siem signatures splunk sysmon
Last synced: 28 Oct 2024
https://github.com/graylog2/graylog2-server
Free and open log management
amqp gelf graylog hacktoberfest kafka log-analysis log-collector log-management log-viewer logging logging-server secure-logging security siem syslog
Last synced: 17 Dec 2024
https://github.com/Graylog2/graylog2-server
Free and open log management
amqp gelf graylog hacktoberfest kafka log-analysis log-collector log-management log-viewer logging logging-server secure-logging security siem syslog
Last synced: 28 Oct 2024
https://github.com/outflanknl/redelk
Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
elastic elasticsearch kibana logstash monitoring red-teaming security siem
Last synced: 18 Dec 2024
https://github.com/outflanknl/RedELK
Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
elastic elasticsearch kibana logstash monitoring red-teaming security siem
Last synced: 21 Nov 2024
https://github.com/mozilla/MozDef
DEPRECATED - MozDef: Mozilla Enterprise Defense Platform
abandoned elasticsearch elk elk-stack python security siem unmaintained
Last synced: 27 Oct 2024
https://github.com/mozilla/mozdef
DEPRECATED - MozDef: Mozilla Enterprise Defense Platform
abandoned elasticsearch elk elk-stack python security siem unmaintained
Last synced: 28 Sep 2024
https://github.com/sherifabdlnaby/elastdocker
🐳 Elastic Stack (ELK) v8+ on Docker with Compose. Pre-configured out of the box to enable Logging, Metrics, APM, Alerting, ML, and SIEM features. Up with a Single Command.
docker docker-compos-template docker-compose elasticsearch elasticstack elk elk-stack kibana logstash observability siem
Last synced: 19 Dec 2024
https://github.com/mikeroyal/digital-forensics-guide
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
alerting cyber-security detection-engineering dfir digital-forensics digitalforensicreadiness digitalforensics forensic-analysis forensics forensics-investigations forensics-tools intrusion-detection mitre-attack network-security offensive-security osint port-scanning security siem threat-intelligence
Last synced: 21 Dec 2024
https://github.com/mikeroyal/Digital-Forensics-Guide
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
alerting cyber-security detection-engineering dfir digital-forensics digitalforensicreadiness digitalforensics forensic-analysis forensics forensics-investigations forensics-tools intrusion-detection mitre-attack network-security offensive-security osint port-scanning security siem threat-intelligence
Last synced: 25 Oct 2024
https://github.com/matanolabs/matano
Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
alerting apache-iceberg aws aws-security big-data cloud cloud-native cloud-security cybersecurity detection-engineering dfir log-analytics log-management rust secops security security-tools serverless siem threat-hunting
Last synced: 19 Dec 2024
https://github.com/netevert/sentinel-attack
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
azure azure-sentinel blue-team cybersecurity detection kql logging mitre-attack security-tools siem sysmon sysmon-config terraform-azure threat-hunting workbooks
Last synced: 15 Dec 2024
https://github.com/pfelk/pfelk
pfSense/OPNsense + Elastic Stack
docker elastic elasticsearch firewall logs opnsense pfsense siem
Last synced: 07 Nov 2024
https://github.com/mikeroyal/open-source-security-guide
Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.
compliance cyber-security detection-engineering forensics-tools incident-management incident-response information-security infosec intrusion-detection kali-linux mitre-attack network-analysis offensive-security pentesters privacy-protection scanning-tool siem surveillance vulnerabilities vulnerability-detection
Last synced: 16 Dec 2024
https://github.com/mikeroyal/Open-Source-Security-Guide
Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.
compliance cyber-security detection-engineering forensics-tools incident-management incident-response information-security infosec intrusion-detection kali-linux mitre-attack network-analysis offensive-security pentesters privacy-protection scanning-tool siem surveillance vulnerabilities vulnerability-detection
Last synced: 01 Nov 2024
https://github.com/nsacyber/Event-Forwarding-Guidance
Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsacyber
Last synced: 31 Oct 2024
https://gitlab.com/cyber5k/mistborn
Mistborn is your own virtual private cloud platform and WebUI that manages self hosted services, and secures them with firewall, Wireguard VPN w/ PiHole-DNSCrypt, and IP filtering. Optional SIEM+IDS. Supports 2FA, Nextcloud, Jitsi, Home Assistant, +
Syncthing bitwarden dnscrypt home assistant jellyfin jitsi multi-factor authentication nextcloud onlyoffice pihole raspberry pi rocket.chat siem tor wazuh wireguard
Last synced: 20 Dec 2024
https://github.com/runreveal/pql
Pipelined Query Language
clickhouse detection-engineering go golang query-language siem sql
Last synced: 05 Nov 2024
https://github.com/tenzir/tenzir
Open source security data pipelines.
dataops incident-response investigation netflow pcap pipelines secdataops security siem sigma soc suricata threathunting zeek
Last synced: 28 Oct 2024
https://github.com/iknowjason/purplecloud
A little tool to play with Azure Identity - Azure and Entra ID lab creation tool. Blog: https://medium.com/@iknowjason/sentinel-for-purple-teaming-183b7df7a2f4
azure azure-lab dfir dfir-automation pentest purpleteam siem
Last synced: 21 Dec 2024
https://github.com/iknowjason/PurpleCloud
A little tool to play with Azure Identity - Azure Active Directory lab creation tool
azure azure-lab dfir dfir-automation pentest purpleteam siem
Last synced: 18 Nov 2024
https://github.com/mdecrevoisier/EVTX-to-MITRE-Attack
Set of EVTX samples (>270) mapped to MITRE ATT&CK tactics and techniques to measure your SIEM coverage or develop new use cases.
evtx mitre-attack redteam siem threat-hunting
Last synced: 14 Nov 2024
https://github.com/defenxor/dsiem
Security event correlation engine for ELK stack
elasticsearch elk logstash ossim security siem
Last synced: 21 Nov 2024
https://github.com/TonyPhipps/Meerkat
A collection of PowerShell modules designed for artifact gathering and reconnaissance of Windows-based endpoints.
analysis baseline blue forensics hunt incident log monitor purple recon red response scan security siem soc team threat threat-hunting triage
Last synced: 05 Nov 2024
https://github.com/tonyphipps/meerkat
A collection of PowerShell modules designed for artifact gathering and reconnaissance of Windows-based endpoints.
analysis baseline blue forensics hunt incident log monitor purple recon red response scan security siem soc team threat threat-hunting triage
Last synced: 03 Nov 2024
https://github.com/strontic/xcyclopedia
Encyclopedia for Executables
command-line exe executable lolbins siem soar ssdeep
Last synced: 11 Nov 2024
https://strontic.github.io/xcyclopedia/
Encyclopedia for Executables
command-line exe executable lolbins siem soar ssdeep
Last synced: 06 Nov 2024
https://github.com/gacwr/openuba
A robust and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Industry. [PRE-ALPHA]
analytics anomaly-detection cybersecurity datascience elasticsearch elk flask information-security machine-learning nodejs react security siem sklearn spark tensorflow threathunting uba ueba user-behaviour
Last synced: 20 Dec 2024
https://github.com/olafhartong/attackdatamap
A datasource assessment on an event level to show potential coverage of the MITRE ATT&CK framework
dfir mitre-attack siem threat-detection threat-hunting
Last synced: 17 Dec 2024
https://github.com/olafhartong/ATTACKdatamap
A datasource assessment on an event level to show potential coverage of the MITRE ATT&CK framework
dfir mitre-attack siem threat-detection threat-hunting
Last synced: 11 Nov 2024
https://mthcht.github.io/ThreatHunting-Keywords/
Awesome list of keywords and artifacts for Threat Hunting sessions
awesome-list blueteam detection-engineering dfir elk-stack endpoint-security forensic hacktools incident-response iocs offensive-scripts offensive-security redteam siem sigma-rules soc splunk threat-hunting threat-intelligence threathunting
Last synced: 06 Nov 2024
https://github.com/inodee/threathunting-spl
Splunk code (SPL) for serious threat hunters and detection engineers.
rules siem spl splunk threat-hunting use-case
Last synced: 28 Nov 2024
https://github.com/eshlomo1/Microsoft-Sentinel-SecOps
Microsoft Sentinel SOC Operations
azure azure-sentinel cloudsecurity hunting incident-response ir microsoft microsoft-sentinel secops security siem soc threat-hunting threat-intelligence
Last synced: 11 Nov 2024
https://github.com/eshlomo1/microsoft-sentinel-secops
Microsoft Sentinel SOC Operations
azure azure-sentinel cloudsecurity hunting incident-response ir microsoft microsoft-sentinel secops security siem soc threat-hunting threat-intelligence
Last synced: 17 Dec 2024
https://github.com/utmstack/UTMStack
Customizable SIEM and XDR powered by Real-Time correlation and Threat Intelligence
compliance correlation edr incident-response log-management siem threat-intelligence threat-management utmstack xdr
Last synced: 12 Nov 2024
https://github.com/NVISOsecurity/ee-outliers
Open-source framework to detect outliers in Elasticsearch events
anomaly-detection cirt ee-outliers machine-learning ml netsec outlier-detection outliers security-monitoring security-operations siem statistical-analysis statistics threat-hunting
Last synced: 17 Nov 2024
https://github.com/dogoncouch/logesp
Open Source SIEM (Security Information and Event Management system).
asset-management forensics log log-analysis log-collector log-management log-monitoring log-parser risk-assessment risk-management secops security security-analysis security-audit security-awareness security-tools siem syslog vulnerability-management web-application
Last synced: 18 Dec 2024
https://github.com/ashwin-patil/blue-teaming-with-kql
Repository with Sample KQL Query examples for Threat Hunting
azure azure-data-explorer azure-sentinel blueteaming kql loganalytics security siem threat-hunting
Last synced: 29 Oct 2024
https://github.com/dogoncouch/LogESP
Open Source SIEM (Security Information and Event Management system).
asset-management forensics log log-analysis log-collector log-management log-monitoring log-parser risk-assessment risk-management secops security security-analysis security-audit security-awareness security-tools siem syslog vulnerability-management web-application
Last synced: 21 Nov 2024
https://github.com/someengineering/cloud-security-list
A list of cloud security tools and vendors.
attack-surface-management aws azure cnapp cspm dspm gcp security siem
Last synced: 15 Dec 2024
https://github.com/CityBaseInc/SIAC
SIAC is an enterprise SIEM built on open-source technology.
aws compliance elk fim incident-response intrusion-detection osquery pci-dss secdevops security siem wazuh
Last synced: 01 Nov 2024
https://github.com/bgenev/impulse-xdr
Fully automated host & network intrusion detection platform. Detects malware from behavioural patterns rather than signatures and enables deeper visibility than legacy tools.
cloud cybersecurity devops monitoring osquery security security-tools server-security siem suricata visibility vpc vpc-endpoints vps xdr
Last synced: 29 Nov 2024
https://github.com/zercurity/zercurity
Manage, monitor and improve your cyber security posture.
cis-benchmark compliance linux macos osquery siem soar steampipe windows
Last synced: 05 Nov 2024
https://github.com/tarsal-oss/kflowd
Kernel-based Process Monitoring on Linux Endpoints for File System, TCP and UDP Networking Events and optionally DNS, HTTP and SYSLOG Application Messages via eBPF Subsystem
co-re detection dlp dns dpi ebpf edr filesystem http monitoring netflow siem syslog tcp udp virus vulnerability xdr
Last synced: 12 Oct 2024
https://github.com/dirtyfilthy/siem-from-scratch
SIEM-From-Scratch is a drop-in ELK based SIEM component for your Vagrant infosec lab
elastic elk infosec siem vagrant vagrant-machine
Last synced: 21 Nov 2024
https://github.com/dogoncouch/siemstress
Very basic CLI SIEM (Security Information and Event Management system).
cli command-line forensics log log-analysis log-analytics log-analyzer log-collector log-management log-monitoring parser parsing secops security security-analysis security-awareness security-tools siem syslog
Last synced: 25 Nov 2024
https://github.com/jhochwald/universal-winlogbeat-configuration
Universal Winlogbeat configuration
examples filebeat filter graylog logging siem sysmon universal windows windows-10 windows-server winlogbeat yml
Last synced: 29 Sep 2024
https://github.com/akamai/uls
Unified Log Streamer (ULS)
akamai akamai-mfa docker docker-compose eaa guardicore linode log secure-internet-access siem uls
Last synced: 05 Dec 2024
https://github.com/grafana/pysigma-backend-loki
pySigma backend for generating Grafana Loki/LogQL rules
Last synced: 07 Oct 2024
https://github.com/xeraa/auditbeat-in-action
Demo for Elastic's Auditbeat and SIEM
auditbeat auditd elasticsearch filebeat siem
Last synced: 07 Nov 2024
https://github.com/akamai/cli-eaa
CLI for Enterprise Application Access (EAA)
akamai akamai-cli cli-eaa enterprise-cli logs siem
Last synced: 05 Dec 2024
https://github.com/alexfrancow/isoc
:bar_chart: Deploy an "illegal" SOC to manage vulnerabilities on your city servers in minutes.
blue-team bugbounty bugbounty-tool cybersecurity docker docker-compose elasticsearch elk kibana mongodb openvas python3 red-team security-operations siem vulnerability-detection w3af zabbix
Last synced: 20 Nov 2024
https://github.com/paulveillard/cybersecurity-soar
A collection of awesome framework, libraries, learning tutorials, videos, webcasts, technical resources and cool stuff about Security Orchestration, Automation and Response (SOAR).
compliance-as-code compliant cyber-threat-intelligence design-patterns hacking-tools incident-management incident-matrix incident-response ios-hacking orchestration orchestration-services os-hardening regulatory scalability scalable-applications security-hardening siem soar
Last synced: 07 Dec 2024
https://github.com/pcktdmp/cef
Go Package for ArcSight's Common Event Format (CEF)
arcsight cef common-event-format golang siem
Last synced: 02 Nov 2024
https://github.com/eshlomo1/cloudsec
Welcome to the Cloud Security Toolkit repository, your all-in-one destination for cutting-edge cloud security resources! Whether you're diving into offensive strategies, mastering threat hunting, or bolstering your blue-team defenses, this repo has you covered.
aws-security azure azure-security cfir cloud-security cloudsecurity dfir gcp-security incident-response kql microsoft microsoft-sentinel microsoftsentinel siem soc threat-hunting threat-intelligence
Last synced: 13 Nov 2024
https://github.com/0x4f53/getperms
An Android wrapper library to quickly get app permissions and other package data.
android android-library apk demo icon java jitpack library localdatetime open-source package-manager packages permissions permissions-android phone security siem signature
Last synced: 02 Nov 2024
https://github.com/0x4f53/GetPerms
An Android wrapper library to quickly get app permissions and other package data.
android android-library apk demo icon java jitpack library localdatetime open-source package-manager packages permissions permissions-android phone security siem signature
Last synced: 07 Nov 2024
https://github.com/peppelinux/django-audit-wazuh
Django middleware and signals for handling security events
django loganalysis ossec ossec-wazuh security siem wazuh
Last synced: 28 Oct 2024
https://github.com/gacwr/ouba-paper
Working white paper for OpenUBA
analytics anomaly-detection cybersecurity datascience information-security machine-learning siem threat-hunting uba ueba user-behavior white-paper whitepaper
Last synced: 15 Nov 2024
https://github.com/markfarrell/3tier
[Archived] A prototype 3-tier web application written in PureScript.
3-tier centralized-logging functional-programming incident-management intrusion-detection javascript nodejs owasp-top-10 proof-of-concept prototype purescript risk-management security-audit security-risks siem type-theory web-application
Last synced: 15 Oct 2024
https://github.com/gunh0/whs-utils
🛠️ Essential utilities for conducting classes in the WhiteHat School education program.
bs4 crwaler elk elk-stack kind kubernetes parser python3 siem
Last synced: 03 Dec 2024
https://github.com/forter/oktabeat
An elasticbeat that polls the Okta System Log https://developer.okta.com/docs/api/resources/system_log/#getting-started
beats elasticbeats go golang okta okta-api openapi3 siem
Last synced: 11 Nov 2024
https://github.com/akamai/cli-mfa
CLI module for Akamai MFA https://www.akamai.com/mfa
akamai-cli akamai-mfa cli cli-mfa enterprise-cli mfa siem
Last synced: 05 Dec 2024
https://github.com/jwhitt3r/SIEMEz
An open-source Django Security Incident and Event Management System
django incident-response python python3 security siem
Last synced: 21 Nov 2024
https://github.com/hazcod/one2sen
Go program that exports 1Password security events to Microsoft Sentinel SIEM.
1password onepassword sentinel siem
Last synced: 16 Nov 2024
https://github.com/igor-suhorukov/postgres_osquery
Running "osquery" queries from PostgreSQL
monitoring osquery performance-metrics postgresql siem
Last synced: 23 Nov 2024
https://github.com/nccgroup/reactor
Runs custom filters on Elasticsearch and alerts on matches
alerting alerts elasticsearch modular reliable scalable siem
Last synced: 10 Nov 2024
https://github.com/fvilarinho/akamai-siem-connector
This application provides a reliable and scalable way to collect Akamai Security Events (WAF, DDoS, BOT, etc.) and easily store them in different analytics platforms.
akamai devops java kafka kubernetes linode mosquitto-mqtt-broker nginx nodejs oauth2 opensearch siem terraform
Last synced: 27 Oct 2024
https://github.com/forter/sophoscentralbeat
An elastic beat to poll Sophos Central https://cloud.sophos.com events and alerts
beats elasticbeats go golang siem sophos sophos-central sophos-cloud
Last synced: 11 Nov 2024
https://github.com/hazcod/miro2sentinel
Log ingestor that retrieves audit logs from Miro and stores them in Microsoft Sentinel SIEM.
Last synced: 16 Nov 2024
https://github.com/ketsapiwiq/siem-infra
Vulnerability detection, OSquery, fully-fledged Wazuh ELK stack with Linux and Windows Wazuh + osquery enrollment via Ansible.
ansible elasticsearch kibana osquery security siem vulnerability-detection wazuh
Last synced: 17 Nov 2024
https://github.com/zakharb/fuze
AI Ruleness OT SIEM for ICS
ai-security ai-siem ics ot ot-security ot-siem siem
Last synced: 15 Nov 2024
https://github.com/maximewewer/wazuh_kubernetes_hardened
Deploy a Wazuh cluster with a hardened (prod. ready) stack on Kubernetes.
cybersecurity ids incident-response k8s monitoring opensearch security security-hardening siem wazuh xdr
Last synced: 09 Nov 2024
https://github.com/almostsouji/omega
SIEM detection format for javascript objects based on sigma logfile rules.
logging monitoring security siem signatures
Last synced: 16 Dec 2024
https://github.com/colvert-project/colvert
Manage your detection use cases portfolio
bootstrap5 cert colvert csirt csirt-activities csirt-tooling detection-use-cases django django-application django-project management mitre-attack python python3 siem siem-tools soc
Last synced: 10 Nov 2024
https://github.com/dikayx/elk-siem
A lightweight SIEM solution using the ELK stack, Docker, Winlogbeat, and Sysmon for efficient log collection and analysis.
docker elk siem sysmon windows winlogbeat
Last synced: 11 Nov 2024
https://github.com/alliesw/watchmen
NETWORK PERFORMANCE MONITORING MANAGER
api-integrations apm cloud-security-manager container-monitoring error-tracking incident-management infrastructure-monitoring log-management ndm npm performance real-user-monitoring siem synthetic-monitoring
Last synced: 05 Nov 2024
https://github.com/hazcod/mispsent
A tool that exports MISP threat intelligence attributes to Microsoft Sentinel SIEM.
Last synced: 16 Nov 2024
https://github.com/gacwr/openuba-model-hub
frontend, model registry, model search, and model marketplace for OpenUBA
analytics anomaly-detection cybersecurity datascience elasticsearch elk flask information-security machine-learning security siem sklearn spark tensorflow threathunting uba ueba user-behaviour
Last synced: 15 Nov 2024
https://github.com/xoraur0n/notes
A collection of various cybersecurity notes written in Markdown
assembly-arm assembly-x86 bash binary-exploitation cprogramming embedded-systems forensic-analysis forensics-tools incident-response low-level-programming malware-analysis memory-analysis penetration-testing penetration-testing-tools powershell python3 siem signature-detection soar
Last synced: 19 Dec 2024
https://github.com/excalibra/cybersecurity
A structured repository designed for cybersecurity professionals and enthusiasts. Covers topics such as OSINT, NMAP, WAPT, PTES, IDS/IPS, SIEM, malware analysis, privilege escalation, and more. Ideal for mastering ethical hacking, penetration testing, and advanced security techniques.
cybersecurity cybersecurity-education ethical hacking malware-analysis nmap osint penetration siem testing
Last synced: 19 Dec 2024
https://github.com/thecyberarcher/soc-ressources
Repository for SOC analysts, queries to investigate, advanced hunting, sites for analysis, malware samples, courses to improve skills, IOC and monitoring.
cyberdefense cybersecurity edr siem soc socanalyst threathunting
Last synced: 25 Nov 2024
https://github.com/paulveillard/cybersecurity-siem
A collection of awesome framework, libraries, learning tutorials, videos, webcasts, technical resources and cool stuff about Security information and event management (SIEM)
Last synced: 07 Dec 2024
https://github.com/phantom0004/elk-stack-tools
A comprehensive collection of tools, scripts, and documentation for managing and utilizing the ELK (Elasticsearch, Logstash, Kibana) stack effectively. This repository compiles information and best practices from several authoritative sources, providing a centralized resource for deploying and maintaining the ELK stack.
cybersecurity educational elasticsearch elk elk-configuration elk-stack information-retrieval kibana linux logstash monitoring networking operation security setup-script siem
Last synced: 15 Nov 2024
https://github.com/abstractionslab/idps-escape
IDPS-ESCAPE (Intrusion Detection and Prevention Systems for Evading Supply Chain Attacks and Post-compromise Effects), part of the CyFORT project: open-source SOAR system powered by a dedicated ML-based anomaly detection toolbox (ADBox) integrated with open-source software such as Wazuh and Suricata.
anomaly-detection artificial-intelligence correlation data-ingestion docker graph-attention-network idps intrusion-detection machine-learning mtad-gat multivariate-timeseries opensearch pandas python3 pytorch siem soar suricata wazuh
Last synced: 13 Dec 2024
https://github.com/almostsouji/discord-sigma
A small POC bot that evaluates sigma rules on Discord structures
discord-js discordbot siem signatures
Last synced: 16 Dec 2024
https://github.com/txuswashere/beclever.solutions
https://beclever.solutions/
elastic elasticsearch elasticstack elk elk-stack kibana logstash open-source siem
Last synced: 03 Dec 2024
https://github.com/epomatti/azure-sentinel
Sentinel capabilities implemented
app-gateway azure azure-security azure-sentinel sentinel siem soar terraform waf
Last synced: 17 Nov 2024
https://github.com/muchdogesec/txt2detection
A command line tool that takes a txt file containing threat intelligence and turns it into a detection rule.
detection-engineering detection-rules siem
Last synced: 27 Nov 2024
https://github.com/alt-react/active-directory-home-lab
Design and implementation of a Home Lab consisting of 4 different virtual machines in a virtual network, for use in professional IT portfolio projects.
active-directory active-directory-domain-controller active-directory-domain-services configuration configuration-management cybersecurity cybersecurity-tools kali-linux nat siem splunk sysmon ubuntu-server virtual-machine virtualbox virtulization vm windows-10 windows-server-2022
Last synced: 22 Dec 2024
https://github.com/awais922609/lets-defend-solutions
The "Let's-defend-solution" directory contains the answers to all paths of the Let's Defend platform that were saved by the creator 8 months ago. These answers can be used by others who want to learn and practice their skills in cybersecurity.
blue-team incident-handling incident-response lets-defend security-operations-center siem
Last synced: 10 Dec 2024