Pinned Repositories

osquery-filters
Pertinax: Integrating Sysinternals Autoruns’ logs into Security Onion
so-idh
Sysmon_ELSA_Parsers: ELSA parsers for Sysmon events
Sysmon_OSSEC: OSSEC decoder and rulesets for Sysmon events
Win-Process-Tracking_ELSA_Parsers: ELSA parsers for Windows process tracking events
WinTAP: Mirror network traffic from one interface to another on Windows
defensivedepth's Repositories

defensivedepth/osquery-filters
defensivedepth/Pertinax: Integrating Sysinternals Autoruns’ logs into Security Onion
defensivedepth/WinTAP: Mirror network traffic from one interface to another on Windows
defensivedepth/so-idh
defensivedepth/elastic-agent-event-filters: Project to convert Sysmon config filters to Elastic Agent (Elastic Defend integration) filters
defensivedepth/osquery: SQL-powered operating system instrumentation, monitoring, and analytics
defensivedepth/fleet: Open-source platform for IT, security, and infrastructure teams (Linux, macOS, Chrome, Windows, cloud, data center)
defensivedepth/LOLBAS: Living Off The Land Binaries And Scripts (LOLBins and LOLScripts)
defensivedepth/cyber-security-hub.github.io: Cyber security trainings
defensivedepth/defensive-intel
defensivedepth/elastalert: Easy and flexible alerting with Elasticsearch
defensivedepth/endoflife.date: Informative site with end-of-life dates of everything
defensivedepth/evtx2es: A library for fast import of Windows Event Logs into Elasticsearch
defensivedepth/integrations: Elastic Integrations
defensivedepth/jamfprotect: A repository for open-source resources created for use with or alongside Jamf Protect
defensivedepth/kratos: Next-gen identity server (think Auth0, Okta, Firebase) with Ory-hardened authentication, MFA, FIDO2, TOTP, WebAuthn, profile management, identity schemas, social sign-in, registration, account recovery, and passwordless login. Golang, headless, API-only, without templating or theming headaches. Available as a cloud service.
defensivedepth/opencanary: Modular and decentralised honeypot
defensivedepth/pySigma: Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)
defensivedepth/pySigma-backend-elasticsearch: pySigma Elasticsearch backend
defensivedepth/rwwiv
defensivedepth/sample-html: ⛵ App Platform sample HTML application
defensivedepth/securityonion: Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes its own interfaces for alerting, dashboards, hunting, PCAP, and case management, and also bundles other tools such as Playbook, osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.
defensivedepth/securityonion-image
defensivedepth/securityonion-soc
defensivedepth/sigconverter.io: An open-source Sigma conversion tool built using pySigma
defensivedepth/sigma: Main Sigma rule repository
defensivedepth/sigma-cli: The Sigma command line interface based on pySigma
defensivedepth/sigmahq.github.io: Official website of the Sigma project
defensivedepth/sigmarulestest
defensivedepth/sysmon-modular: A repository of Sysmon configuration modules