FireEye Red Team Tool Countermeasures Logo

FireEye Red Team Tool Countermeasures

0
Free
Visit Website

These rules are provided freely to the community without warranty. In this GitHub repository you will find rules in multiple languages: Snort Yara ClamAV HXIOC The rules are categorized and labeled into two release states: Production: rules that are expected to perform with minimal tuning. Supplemental: rules that are known to require further environment-specific tuning and tweaking to perform, and are often used for hunting workflows. Please check back to this GitHub for updates to these rules. FireEye customers can refer to the FireEye Community (community.fireeye.com) for information on how FireEye products detect these threats. The entire risk as to quality and performance of these rules is with the users.

FEATURES

ALTERNATIVES

TIH is an intelligence tool that helps you search for IOCs across multiple security feeds and APIs.

Signature-based YARA rules for detecting and preventing threats within Linux, Windows, and macOS systems.

A tool for navigating and annotating ATT&CK matrices with the ability to define custom layers for specific views.

AbuseHelper is an open-source framework for receiving and redistributing abuse feeds and threat intel.

A free software that calculates the security ranking of Internet Service Providers to detect malicious activities.

Amazon GuardDuty is a threat detection service for AWS accounts.

A collection of Yara rules licensed under the DRL 1.1 License.

Sigma is a generic and open signature format for SIEM systems and other security tools to detect and respond to threats.

PINNED