
Splunk Attack Data Repository

Free

A repository of curated datasets captured from various attacks, intended to make it easy to develop and test detections. It is specifically designed for validating detections in production SIEM installations by replaying the data into streaming pipelines with Splunk's Security Content Replay. Large files are managed with GitHub LFS, and installation instructions are provided for Mac users as well as other operating systems.


ALTERNATIVES

Collect various intelligence sources for hosts in CSV format.

Machinae is a tool for collecting intelligence from public sites/feeds about various security-related pieces of data.

A PowerShell module for threat hunting via Windows Event Logs.

Cyber Intelligence Management Platform with threat tracking, forensic artifacts, and YARA rule storage.

A repository to aid Windows threat hunters in looking for common artifacts.

ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring.

A PowerShell script to interact with the MITRE ATT&CK Framework through its own (now deprecated) MediaWiki API.

Platform for the latest threat intelligence information.
