
Splunk Attack Data Repository

Free

A repository of curated datasets from various attacks for developing and testing detections. It is specifically designed for validating detections in production SIEM installations by using Splunk's Security Content Replay to replay the data into streaming pipelines. The repository uses GitHub LFS to manage large files, and installation instructions are provided for Mac and other operating systems.


ALTERNATIVES

PolySwarm is a malware intelligence marketplace that aggregates threat detection engines to provide early detection, unique samples, and higher accuracy.

A curated collection of Sigma and YARA rules and Indicators of Compromise (IOCs) for threat detection and malware identification.

A framework for managing cyber threat intelligence in structured formats.

Parses IOCs from text.

Automatically creates YARA rules based on images embedded in Office documents.

AbuseIPDB offers tools and APIs to report and check abusive IPs, enhancing network security.

Globally-accessible knowledge base of adversary tactics and techniques for cybersecurity.

A platform providing an activity feed on exploited vulnerabilities.