Security-operation-book目前已覆盖116个TID,354个技术点。主要涵盖Web、Windows AD、Linux,涉及ATT&CK技术、模拟测试、检测思路、检测所需数据源等。
Web_Attck检测规则为Suricata、Sigma两种格式,端点检测规则为Sigma格式为主。
forked from 0x783kb/Security-Operation-Book
-
Notifications
You must be signed in to change notification settings - Fork 0
kepler404/Threathunting-book
About
ATT&CK理解+sigma规则研究
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published