OTRF/OSSEM-DM
OSSEM Detection Model
MIT License
167 stars
43 forks
issues
Removing typo where references had a double dash
#58
Kyrasuum
closed
2 years ago
1
General repo update
#57
Cyb3rPandaH
closed
2 years ago
0
Merge pull request #53 from OTRF/main
#56
Cyb3rPandaH
closed
2 years ago
0
Uniquely identify Windows events for automated data collection
#55
b1t-hunter
opened
2 years ago
10
fixing missing characters in yml
#54
Kyrasuum
closed
2 years ago
1
Merge pull request #52 from OTRF/developer
#53
Cyb3rPandaH
closed
2 years ago
0
Initial revamp of the OSSEM Project - Data Modeling component
#52
Cyb3rPandaH
closed
2 years ago
0
Added a simple pipeline to generate relation and mapping files on commit or PR to the main repo
#51
olafhartong
closed
10 months ago
1
Fixed some typos
#50
Kyrasuum
closed
2 years ago
1
Update generate_uuid.py
#49
Cyb3rSn0rlax
opened
2 years ago
2
Review comments H1L021 PR # 46 - Python Script
#48
Cyb3rPandaH
closed
2 years ago
2
Review comments H1L021 PR # 46 - Trusted Logon Process
#47
Cyb3rPandaH
opened
2 years ago
3
Adding Logon Process Trusted
#46
Cyb3rSn0rlax
closed
2 years ago
1
rebrand MDE and add proper channel and event data
#45
olafhartong
closed
2 years ago
1
Update OSSEMDM.py
#44
Cyb3rPandaH
closed
2 years ago
1
reusing same syntax as in ossem dd
#43
SarguelUnda
closed
2 years ago
0
Change HOST entity to DEVICE
#42
Cyb3rPandaH
closed
2 years ago
1
Adding process_searched_ldap.yml
#41
Cyb3rSn0rlax
closed
2 years ago
2
Add IDs to Relationships
#40
Cyb3rWard0g
closed
2 years ago
0
We need a relationship for RPC telemetry
#39
Cyb3rWard0g
opened
2 years ago
0
Contribution of Windows events. Also included some small fixes.
#38
rubinatorz
closed
2 years ago
9
Firewall Enabled: data component not in ATT&CK?
#37
rubinatorz
closed
2 years ago
2
Added Sysmon for Linux to relationships
#36
Cyb3rWard0g
closed
3 years ago
1
User Entity might need to be broken down into Managed identity and service principal
#35
Cyb3rWard0g
opened
3 years ago
1
Added a lot of Defender for Endpoint mappings and some for Sysmon
#34
olafhartong
closed
3 years ago
2
Updating ossemDM_XPath_Queries.ps1
#33
Cyb3rPandaH
closed
3 years ago
0
Adding PowerShell Scripts
#32
Cyb3rPandaH
closed
3 years ago
0
Updated ossemDM.py to add filter_in data field
#31
Cyb3rPandaH
closed
3 years ago
0
Update Python Script Excel/MD to YAML : Ability to convert to event relationship template
#30
ashwin-patil
opened
3 years ago
2
Updated user_requested_access_to_file relationship
#29
Cyb3rPandaH
closed
3 years ago
0
files update
#28
Cyb3rPandaH
closed
3 years ago
0
Removed/Updated/Added relationships
#27
Cyb3rPandaH
closed
3 years ago
0
Data Objects: Computer & Host
#26
Cyb3rPandaH
closed
2 years ago
1
Added JSON ATTACK Mappings
#25
Cyb3rWard0g
closed
3 years ago
0
Additional relationships
#24
reidgilman
closed
3 years ago
3
Mapping Sysmon 8 - CreateRemoteThread
#23
Cyb3rPandaH
closed
3 years ago
0
Updated Jupyter Notebook
#22
Cyb3rPandaH
closed
3 years ago
0
Mapping AWS CloudTrail logs: Elastic Compute Cloud
#21
Cyb3rPandaH
closed
3 years ago
0
Jupyter Notebook: Techniques to Security Events Mapping
#20
Cyb3rPandaH
closed
3 years ago
0
Techniques to Security Events Mapping
#19
Cyb3rPandaH
closed
3 years ago
0
Readme file update
#18
Cyb3rPandaH
closed
3 years ago
0
Repository Structure Update
#17
Cyb3rPandaH
closed
3 years ago
0
Dev structure
#16
Cyb3rWard0g
closed
3 years ago
1
Mapping AWS CloudTrail logs - Network Firewall
#15
Cyb3rPandaH
closed
3 years ago
0
Mapping AWS CloudTrail logs - AwsApiCall events
#14
Cyb3rPandaH
closed
3 years ago
0
Mapping update (AWS) - mapping Sysmon 26
#13
Cyb3rPandaH
closed
3 years ago
0
Mapping AWS CloudTrail logs - Non-API events - AwsConsoleSignin
#12
Cyb3rPandaH
closed
3 years ago
0
Mapping MDATP Events - DeviceRegistryEvents
#11
Cyb3rPandaH
closed
3 years ago
0
Mapping MDATP Events
#10
Cyb3rPandaH
closed
3 years ago
0
Mapping MDATP - DeviceProcessEvents and DeviceFileEvents
#9
Cyb3rPandaH
closed
3 years ago
0