Purpleteam scripts simulation & Detection - trigger events for SOC detections
Updated May 29, 2024 (PowerShell)
Ingest Nessus files into Elasticsearch using PowerShell!
logrhythm powershell scripts
Analyzing PowerShell execution on Windows systems.
Advanced Sysmon ATT&CK configuration focused on detecting the most techniques per data source in MITRE ATT&CK, providing visibility into forensic artifact events for UEBA, detecting exploitation events with wide CVE coverage, and risk scoring of CVE, UEBA, forensic, and MITRE ATT&CK events.
Microsoft Sentinel SOC Operations
CyberThreat Monitor (SIEM Lab) with Microsoft Azure is a comprehensive threat monitoring solution built on Azure Sentinel, providing real-time visibility into global cyber threats.
PowerShell script to query the IBM QRadar SIEM and generate KPIs.
A walkthrough of creating and using the Azure environment and Microsoft Sentinel to track attacks and plot attacks on a live map.
A PowerShell module interface for working with the Securonix Web API
Vulnerability detection, OSquery, fully-fledged Wazuh ELK stack with Linux and Windows Wazuh + osquery enrollment via Ansible.
Encyclopedia for Executables
A data source assessment at the event level to show potential coverage of the MITRE ATT&CK framework.
Tools to create a Native Windows Audit Collection Platform. Active Directory example provided