EQL Analytics Library | CyberSecTools

EQL Analytics Library

0 (0)

The EQL Analytics Library (eqllib) is a library of event-based analytics written in EQL to detect adversary behaviors identified in MITRE ATT&CK. It provides rules in EQL, KQL, or Lucene for the Elastic Stack, now integrated into the Detection Engine of Kibana.

Threat Management

Free

attack-paths attack-platform att&ck cybersecurity kibana

ALTERNATIVES

Burp-Yara-Rules

0 (0)

A collection of Yara rules for the Burp Yara-Scanner extension to identify malicious software on websites.

Threat Management

Free

appsec binary-security malware-detection web-app-security file-analysis

Ryan Stillions: On TTPs

0 (0)

In-depth analysis of real-world attacks and threat tactics

Threat Management

Free

threat-intelligence incident-response malware phishing social-engineering

YARA-Signatures

0 (0)

A collection of public YARA signatures for various malware families.

Threat Management

Free

threat-intelligence malware security-research yara signature

MITRE ATT&CK and CAPEC Datasets in STIX 2.0

0 (0)

Repository containing MITRE ATT&CK and CAPEC datasets in STIX 2.0 for cybersecurity threat modeling.

Threat Management

Free

cybersecurity threat-intelligence cti mitre-attack stix

The DFIR Report

0 (0)

In-depth threat intelligence reports and services providing insights into real-world intrusions, malware analysis, and threat briefs.

Threat Management

Free

cybersecurity dfir threat-intelligence incident-response malware-analysis

VT_RuleMGR.py

0 (0)

Tool for managing Yara rules on VirusTotal

Threat Management

Free

threat-intelligence malware-analysis virus-total yara rule-management