61 results found Sort:

wazuh
wazuh wazuh
1.5k
9.6k
other
213
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
xdr siem wazuh infosec pci-dss security compliance log-analysis cybersecurity cloud-security security-audit security-tools incident-response malware-detection container-security security-hardening security-automation vulnerability-detection configuration-assessement file-integrity-monitoring
Created 2015-08-11
34,625 commits to master branch, last one 7 days ago
SigmaHQ
sigma SigmaHQ
2.1k
7.8k
other
331
Main Sigma Rule Repository
ids siem splunk sysmon logging security monitoring signatures elasticsearch
Created 2016-12-24
16,177 commits to master branch, last one a day ago
Graylog2
graylog2-server Graylog2
1.0k
7.2k
other
239
Free and open log management
amqp gelf siem kafka syslog graylog logging security log-viewer log-analysis hacktoberfest log-collector log-management logging-server secure-logging
Created 2010-05-17
24,912 commits to master branch, last one 5 hours ago
outflanknl
RedELK outflanknl
363
2.3k
bsd-3-clause
80
Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
siem kibana elastic logstash security monitoring red-teaming elasticsearch
Created 2018-10-03
1,101 commits to master branch, last one 4 months ago
mozilla
MozDef mozilla
329
2.2k
mpl-2.0
151
DEPRECATED - MozDef: Mozilla Enterprise Defense Platform
elk siem python security abandoned elk-stack unmaintained elasticsearch
This repository has been archived (exclude archived)
Created 2014-02-18
5,995 commits to master branch, last one 2 years ago
sherifabdlnaby
elastdocker sherifabdlnaby
305
1.8k
mit
36
🐳 Elastic Stack (ELK) v8+ on Docker with Compose. Pre-configured out of the box to enable Logging, Metrics, APM, Alerting, ML, and SIEM features. Up with a Single Command.
elk siem docker kibana logstash elk-stack elasticstack elasticsearch observability docker-compose docker-compos-template
Created 2019-09-07
129 commits to main branch, last one 7 days ago
mikeroyal
Digital-Forensics-Guide mikeroyal
179
1.5k
unknown
30
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
dfir siem osint alerting security forensics mitre-attack port-scanning cyber-security forensics-tools digitalforensics network-security digital-forensics forensic-analysis offensive-security intrusion-detection threat-intelligence detection-engineering digitalforensicreadiness forensics-investigations
Created 2021-08-06
81 commits to main branch, last one 5 months ago
matanolabs
matano matanolabs
96
1.4k
apache-2.0
22
Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
aws dfir rust siem cloud secops alerting big-data security serverless aws-security cloud-native cybersecurity log-analytics apache-iceberg cloud-security log-management security-tools threat-hunting detection-engineering
Created 2022-07-03
575 commits to main branch, last one 21 days ago
cyb3rxp
awesome-soc cyb3rxp
186
1.1k
cc0-1.0
31
A collection of sources of documentation, as well as field best practices, to build/run a SOC
soa soc tip ttp cert siem sirp soar csirt detection management purpleteam architecture mitre-attack risk-management incident-response
Created 2022-08-23
656 commits to main branch, last one 19 days ago
netevert
sentinel-attack netevert
207
1.0k
mit
71
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
kql siem azure sysmon logging blue-team detection workbooks mitre-attack cybersecurity sysmon-config azure-sentinel security-tools threat-hunting terraform-azure
Created 2019-05-30
313 commits to master branch, last one 9 months ago
pfelk
pfelk pfelk
188
1.0k
other
39
pfSense/OPNsense + Elastic Stack
logs siem docker elastic pfsense firewall opnsense elasticsearch
Created 2017-11-02
2,573 commits to main branch, last one 7 days ago
mikeroyal
Open-Source-Security-Guide mikeroyal
80
872
unknown
29
Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.
siem infosec compliance kali-linux pentesters mitre-attack surveillance scanning-tool cyber-security forensics-tools vulnerabilities network-analysis incident-response offensive-security privacy-protection incident-management intrusion-detection information-security detection-engineering vulnerability-detection
Created 2020-10-17
118 commits to main branch, last one 5 months ago
jaegeral
security-apis jaegeral
131
850
mit
59
A collective list of public APIs for use in security. Contributions welcome
json siem json-api security awesome-list
Created 2018-01-09
117 commits to master branch, last one about a year ago
nsacyber
Event-Forwarding-Guidance nsacyber
164
841
other
97
Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsacyber
siem windows event-log
This repository has been archived (exclude archived)
Created 2015-01-09
35 commits to master branch, last one 5 years ago
runreveal
pql runreveal
23
627
apache-2.0
5
Pipelined Query Language
go sql siem golang clickhouse query-language detection-engineering
Created 2024-01-26
118 commits to main branch, last one 15 days ago
tenzir
tenzir tenzir
85
622
bsd-3-clause
35
Open source security data pipelines.
soc pcap siem zeek sigma dataops netflow security suricata pipelines secdataops investigation threathunting incident-response
Created 2010-09-23
21,130 commits to main branch, last one a day ago
TonyPhipps
SIEM TonyPhipps
97
532
gpl-3.0
32
SIEM Tactics, Techiques, and Procedures
log red soc blue hunt scan siem team recon purple threat triage monitor analysis baseline incident response security forensics threat-hunting
Created 2018-08-02
390 commits to master branch, last one about a month ago
iknowjason
PurpleCloud iknowjason
85
490
mit
25
A little tool to play with Azure Identity - Azure Active Directory lab creation tool
dfir siem azure pentest azure-lab purpleteam dfir-automation
Created 2020-06-23
287 commits to master branch, last one 4 months ago
mdecrevoisier
EVTX-to-MITRE-Attack mdecrevoisier
81
479
cc0-1.0
24
Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.
evtx siem redteam mitre-attack threat-hunting
Created 2020-07-09
179 commits to master branch, last one 3 months ago
defenxor
dsiem defenxor
102
432
gpl-3.0
27
Security event correlation engine for ELK stack
elk siem ossim logstash security elasticsearch
Created 2018-11-04
601 commits to master branch, last one 4 months ago
TonyPhipps
Meerkat TonyPhipps
84
427
gpl-3.0
31
A collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.
log red soc blue hunt scan siem team recon purple threat triage monitor analysis baseline incident response security forensics threat-hunting
Created 2018-02-08
443 commits to master branch, last one 23 days ago
strontic
xcyclopedia strontic
45
398
mit
25
Encyclopedia for Executables
exe siem soar ssdeep lolbins executable command-line
Created 2020-05-27
75 commits to master branch, last one 2 years ago
mthcht
ThreatHunting-Keywords mthcht
42
368
unknown
8
Awesome list of keywords and artifacts for Threat Hunting sessions
soc dfir iocs siem splunk redteam blueteam forensic elk-stack hacktools sigma-rules awesome-list threathunting threat-hunting endpoint-security incident-response offensive-scripts offensive-security threat-intelligence detection-engineering
Created 2023-05-16
421 commits to main branch, last one a day ago
GACWR
OpenUBA GACWR
211
360
gpl-3.0
31
A robust, and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Indu...
elk uba siem ueba flask react spark nodejs sklearn security analytics tensorflow datascience cybersecurity elasticsearch threathunting user-behaviour machine-learning anomaly-detection information-security
Created 2019-09-24
179 commits to master branch, last one about a year ago
n0dec
MalwLess n0dec
58
269
gpl-3.0
29
Test Blue Team detections without running any attack.
dfir siem sysmon redteam blueteam powershell mitre-attack hacktoberfest
Created 2018-04-29
131 commits to master branch, last one 2 years ago
inodee
threathunting-spl inodee
39
261
unknown
24
Splunk code (SPL) for serious threat hunters and detection engineers.
spl siem rules splunk use-case threat-hunting
Created 2017-06-22
41 commits to master branch, last one 5 months ago
mthcht
awesome-lists mthcht
29
237
unknown
8
Awesome Security lists for SOC/CERT/CTI
ir cti ioc soc dfir iocs misp siem redteam blueteam security detection hacktools ransomware awesome-list blueteam-tools threat-hunting incident-response threat-intelligence detection-engineering
Created 2022-12-11
921 commits to main branch, last one 6 hours ago
eshlomo1
Microsoft-Sentinel-SecOps eshlomo1
59
231
mit
12
Microsoft Sentinel SOC Operations
ir soc siem azure secops hunting security microsoft cloudsecurity azure-sentinel threat-hunting incident-response microsoft-sentinel threat-intelligence
Created 2020-02-27
362 commits to master branch, last one 8 months ago
beave
sagan beave
64
230
unknown
27
** README ** This repo has MOVED to https://github.com/quadrantsec/sagan
ids ips log nsm siem syslog security log-monitoring
Created 2010-07-09
1,602 commits to master branch, last one 3 years ago
NVISOsecurity
ee-outliers NVISOsecurity
34
203
gpl-3.0
21
Open-source framework to detect outliers in Elasticsearch events
ml cirt siem netsec outliers statistics ee-outliers threat-hunting machine-learning anomaly-detection outlier-detection security-monitoring security-operations statistical-analysis
This repository has been archived (exclude archived)
Created 2018-12-11
1,690 commits to master branch, last one about a year ago