Kali Linux

Sentinel-Attack : Tools To Rapidly Deploy A Threat Hunting Capability On Azure Sentinel

Sentinel ATT&CK aims to simplify the rapid deployment of a threat hunting capability that leverages Sysmon and MITRE ATT&CK on Azure Sentinel

Overview

Sentinel ATT&CK provides the following tools:

  • An ARM template to automatically deploy Sentinel ATT&CK to your Azure environment
  • A Sysmon configuration file compatible with Azure Sentinel and mapped to specific ATT&CK techniques
  • A Sysmon log parser mapped against the OSSEM data model
  • 117 ready-to-use Kusto detection rules covering 156 ATT&CK techniques
  • A Sysmon threat hunting workbook inspired by the Threat Hunting App for Splunk to help simplify threat hunts
  • A Terraform script to provision a lab to test Sentinel ATT&CK
  • Comprehensive guidance to help you use the materials in this repository

Usage

Head over to the WIKI to learn how to deploy and run Sentinel ATT&CK.

R K

Recent Posts

Cybersecurity – Tools And Their Function

Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…

15 hours ago

MODeflattener – Miasm’s OLLVM Deflattener

MODeflattener is a specialized tool designed to reverse OLLVM's control flow flattening obfuscation through static…

15 hours ago

My Awesome List : Tools And Their Functions

"My Awesome List" is a curated collection of tools, libraries, and resources spanning various domains…

15 hours ago

Chrome Browser Exploitation, Part 3 : Analyzing And Exploiting CVE-2018-17463

CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, allowed attackers to execute arbitrary…

15 hours ago

Chrome Browser Exploitation, Part 1 : Introduction To V8 And JavaScript Internals

The blog post "Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript Internals" provides…

15 hours ago

Chrome Browser Exploitation, Part 3: Analyzing and Exploiting CVE-2018-17463

The exploitation of CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, relies on…

18 hours ago