Open Threat Research Forge

Blacksmith Public
Building environments to replicate small networks and deploy applications

PowerShell 250 GPL-3.0 56 0 0 Updated May 18, 2022
Security-Datasets Public
Re-play Security Events

PowerShell 1,221 MIT 185 2 1 Updated May 18, 2022
Microsoft-Sentinel2Go Public
Microsoft Sentinel2Go is an open source project developed to expedite the deployment of a Microsoft Sentinel research lab.

PowerShell 374 GPL-3.0 100 1 0 Updated May 16, 2022
OSSEM-DM Public
OSSEM Detection Model

Python 92 MIT 26 12 2 Updated May 14, 2022
OSSEM-DD Public
OSSEM Data Dictionaries

Python 32 MIT 11 15 (1 issue needs help) 0 Updated May 6, 2022
OSSEM Public
Open Source Security Events Metadata (OSSEM)

Python 1,006 MIT 188 13 (1 issue needs help) 1 Updated Apr 26, 2022
OSSEM-CDM Public
OSSEM Common Data Model

35 MIT 12 16 1 Updated Apr 21, 2022
ThreatHunter-Playbook Public
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.

Python 3,081 MIT 703 4 0 Updated Feb 19, 2022
Set-AuditRule Public
Useful access control entries (ACE) on system access control list (SACL) of securable objects to find potential adversarial activity

PowerShell 65 GPL-3.0 19 0 0 Updated Feb 2, 2022
ATTACK-Python-Client Public
Python Script to access ATT&CK content available in STIX via a public TAXII server

Python 450 BSD-3-Clause 99 7 (5 issues need help) 0 Updated Jan 20, 2022

Pinned