Skip to content

petstuk/detections

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
sigma
sigma
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 

Repository files navigation

detections

This repository is used to build multiple detections across 14 different categories. It is a detection engineering practice space, with rules written primarily in Sigma and optionally translated for Splunk and/or Sentinel.

Categories

  • DNS-Based
  • Network & TLS
  • Windows Authentication & Credentials
  • Windows Process Execution & LOLBins
  • Windows Persistence
  • Lateral Movement
  • Active Directory Attacks
  • Linux Persistence & Privesc
  • Email & Phishing
  • Cloud & Modern Identity
  • Malware & C2
  • Defence Evasion
  • Data Exfiltration

About

This repository is used to build multiple detections across 14 different categories. It is a detection engineering practice space, with rules written primarily in Sigma and optionally translated for Splunk and/or Sentinel.

Topics

sigma detections

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors