RedELK is a Red Team's SIEM tool designed to track and alarm about Blue Team activities, enhancing usability in long-term operations.
This tool is not verified yet and doesn't have listed features.
Did you submit the verified tool? Sign in to add features.
Are you the author? Claim the tool by clicking the icon above. After claiming, you can add features.
A tool for advanced HTTPD logfile security analysis and forensics, implementing various techniques to detect attacks against web applications.
Serverless, real-time data analysis framework for incident detection and response.
Standalone SIGMA-based detection tool for EVTX, Auditd, Sysmon for Linux, XML or JSONL/NDJSON Logs.
Browse a library of EQL analytics now natively integrated in Elasticsearch.
A tool that collects and displays user activity and system events on a Windows system.
Procmon for Linux is a reimagining of the classic Procmon tool from Windows, allowing Linux developers to trace syscall activity efficiently.