sentinel-attack
Threat hunter
A tool to quickly deploy a threat hunting capability on Azure Sentinel using Sysmon and MITRE ATT&CK
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
1k stars
72 watching
209 forks
last commit: 3 months ago
Linked from 1 awesome list
azureazure-sentinelblue-teamcybersecuritydetectionkqlloggingmitre-attacksecurity-toolssiemsysmonsysmon-configterraform-azurethreat-huntingworkbooks
Related projects:
Repository | Description | Stars |
---|---|---|
| A collection of tools and resources for threat hunters to identify and respond to cyber threats. | 861 |
| A PowerShell repository to simulate and train threat hunting skills without malicious files. | 134 |
| An aggregator tool for querying multiple services to gather threat intelligence data. | 870 |
| A platform for searching and analyzing publicly available online data to detect potential security threats | 515 |
| A tool for hunting and tracking Internet of Things (IoT) security threats by collecting and analyzing indicators of compromise (IOCs) | 116 |
| Collection of resources and concepts for threat hunting and detection engineering. | 372 |
| A collection of threat intelligence resources and tools for analyzing APT malware | 257 |
| Tools and rules for detecting malicious domain calls in endpoint malware | 570 |
| A PowerShell module designed to detect potential security threats in Azure AD environments | 617 |
| Automated platform for discovering and analyzing cybersecurity threats targeting an organization | 869 |
| A community-driven project providing shared detection logic and resources for threat hunting | 4,049 |
| An informational repository providing resources and knowledge for detecting adversaries in IT environments. | 1,726 |
| Detects and mitigates advanced threat tradecraft by analyzing system events and behavior patterns | 2,246 |
| A Splunk application designed to guide threat hunts by mapping investigations to the MITRE ATT&CK framework | 1,141 |
| A Powershell Threat Hunting Module designed to scan and survey remote endpoints for indicators of compromise or comprehensive system information. | 280 |