Stars
A Caldera plugin for the emulation of complete, realistic cyberattack chains.
IVA is a system to scan for known vulnerabilities in software products installed inside an organization. IVA uses CPE identifiers to search for CVEs related to a software product.
A comprehensive survey of datasets for research in host-based and/or network-based intrusion detection, with a focus on enterprise networks
Industrial datasets - datasets for evaluating industrial intrusion detection systems on IPAL.
Intrusion Detection Evaluation - A framework to evalute (Industrial) Intrusion Detection Systems.
Scripts to generate and analyze the AIT alert data set (AIT-ADS)
GHOSTS is a realistic user simulation framework for cyber simulation, training, and exercise
Tool for quickly checking the validity and completeness of a Sigma rule mapping
This project aims to compare and evaluate the telemetry of various EDR products.
Streamlit β A faster way to build and share data apps.
Cyber Threat Intelligence Repository expressed in STIX 2.0
Set of Mindmaps providing a detailed overview of the different #Microsoft auditing capacities for Windows, Exchange, Azure,...
Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detections and correlation rules by Blue teams.
Rapidly Search and Hunt through Windows Forensic Artefacts
Documentation and scripts to properly enable Windows event logs.
Automate the creation of a lab environment complete with security tooling and logging best practices
Small enough to carry on your back (Backpack) ππ»
A Self-Contained Open-Source Cyberattack Experimentation Testbed
A plugin for the SOCBED framework enabling the execution of the APT29 threat actor
log data pre processing, generation and shipping in python
π Open source visualization dashboards for OpenSearch.
π Open source distributed and RESTful search engine.