Kali Linux

Sentinel-Attack : Tools To Rapidly Deploy A Threat Hunting Capability On Azure Sentinel

Sentinel ATT&CK aims to simplify the rapid deployment of a threat hunting capability that leverages Sysmon and MITRE ATT&CK on Azure Sentinel

Overview

Sentinel ATT&CK provides the following tools:

  • An ARM template to automatically deploy Sentinel ATT&CK to your Azure environment
  • A Sysmon configuration file compatible with Azure Sentinel and mapped to specific ATT&CK techniques
  • A Sysmon log parser mapped against the OSSEM data model
  • 117 ready-to-use Kusto detection rules covering 156 ATT&CK techniques
  • A Sysmon threat hunting workbook inspired by the Threat Hunting App for Splunk to help simplify threat hunts
  • A Terraform script to provision a lab to test Sentinel ATT&CK
  • Comprehensive guidance to help you use the materials in this repository

Usage

Head over to the WIKI to learn how to deploy and run Sentinel ATT&CK.

R K

Recent Posts

Playwright-MCP : A Powerful Tool For Browser Automation

Playwright-MCP (Model Context Protocol) is a cutting-edge tool designed to bridge the gap between AI…

14 hours ago

JBDev : A Tool For Jailbreak And TrollStore Development

JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…

1 day ago

Kereva LLM Code Scanner : A Revolutionary Tool For Python Applications Using LLMs

The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…

2 days ago

Nuclei-Templates-Labs : A Hands-On Security Testing Playground

Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…

2 days ago

SSH-Stealer : The Stealthy Threat Of Advanced Credential Theft

SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…

2 days ago

ollvm-unflattener : A Tool For Reversing Control Flow Flattening In OLLVM

Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…

2 days ago