42 results found Sort:

sbousseaden
EVTX-ATTACK-SAMPLES sbousseaden
406
2.3k
gpl-3.0
143
Windows Events Attack Samples
dfir evtx dataset winlogbeat mitre-attack threat-hunting windows-security detection-engineering
Created 2019-03-15
676 commits to master branch, last one about a year ago
DataDog
stratus-red-team DataDog
220
1.9k
apache-2.0
38
:cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud
aws security purple-team aws-security gcp-security mitre-attack azure-security cloud-security threat-detection adversary-emulation kubernetes-security cloud-native-security detection-engineering
Created 2022-01-07
697 commits to main branch, last one about a month ago
mikeroyal
Digital-Forensics-Guide mikeroyal
214
1.7k
unknown
31
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
dfir siem osint alerting security forensics mitre-attack port-scanning cyber-security forensics-tools digitalforensics network-security digital-forensics forensic-analysis offensive-security intrusion-detection threat-intelligence detection-engineering digitalforensicreadiness forensics-investigations
Created 2021-08-06
81 commits to main branch, last one about a year ago
matanolabs
matano matanolabs
106
1.5k
apache-2.0
22
Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
aws dfir rust siem cloud secops alerting big-data security serverless aws-security cloud-native cybersecurity log-analytics apache-iceberg cloud-security log-management security-tools threat-hunting detection-engineering
Created 2022-07-03
575 commits to main branch, last one 7 months ago
splunk
security_content splunk
375
1.3k
apache-2.0
72
Splunk Security Content
cicd splunk detection responses engineering cybersecurity detection-engineering
Created 2018-12-18
25,143 commits to develop branch, last one a day ago
mikeroyal
Open-Source-Security-Guide mikeroyal
86
933
unknown
29
Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.
siem infosec compliance kali-linux pentesters mitre-attack surveillance scanning-tool cyber-security forensics-tools vulnerabilities network-analysis incident-response offensive-security privacy-protection incident-management intrusion-detection information-security detection-engineering vulnerability-detection
Created 2020-10-17
118 commits to main branch, last one about a year ago
infosecB
awesome-detection-engineering infosecB
81
884
cc0-1.0
28
Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying m...
mitre splunk awesome awesome-list cybersecurity threat-detection detection-engineering
Created 2020-09-26
125 commits to main branch, last one 3 months ago
BushidoUK
Ransomware-Tool-Matrix BushidoUK
96
850
unknown
22
A resource containing all the tools each ransomware gangs uses
cti osint hacking ransomware threatintel cybersecurity threat-hunting threat-intelligence detection-engineering
Created 2024-08-12
568 commits to main branch, last one 18 hours ago
mvelazc0
PurpleSharp mvelazc0
110
784
bsd-3-clause
30
PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monitored Windows environments
purple-team controls-validation adversary-simulation detection-engineering
Created 2019-09-08
177 commits to master branch, last one 18 days ago
mthcht
awesome-lists mthcht
86
752
mit
27
Awesome Security lists for SOC/CERT/CTI
ir cti ioc rmm soc dfir iocs siem redteam blueteam security detection hacktools ransomware awesome-list blueteam-tools threat-hunting incident-response threat-intelligence detection-engineering
Created 2022-12-11
12,401 commits to main branch, last one 16 hours ago
Cyb3r-Monk
Threat-Hunting-and-Detection Cyb3r-Monk
102
684
bsd-3-clause
28
Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).
kql dfir cybersecurity kusto-language threat-hunting threat-detection microsoft-sentinel defender-for-endpoint detection-engineering
Created 2020-11-02
30 commits to main branch, last one 15 days ago
runreveal
pql runreveal
25
645
apache-2.0
5
Pipelined Query Language
go sql siem golang clickhouse query-language detection-engineering
Created 2024-01-26
124 commits to main branch, last one 2 days ago
mthcht
ThreatHunting-Keywords mthcht
55
493
unknown
11
Awesome list of keywords and artifacts for Threat Hunting sessions
soc dfir iocs siem splunk redteam blueteam forensic elk-stack hacktools yara-rules awesome-list threathunting threat-hunting endpoint-security incident-response offensive-scripts offensive-security threat-intelligence detection-engineering
Created 2023-05-16
526 commits to main branch, last one 9 days ago
sbousseaden
Slides sbousseaden
61
372
unknown
33
Misc Threat Hunting Resources
dfir mindmap threat-hunting detection-engineering
Created 2019-10-20
75 commits to master branch, last one 2 years ago
nianticlabs
venator nianticlabs
19
365
mit
4
A flexible threat detection platform that simplifies rule management and deployment using K8s CronJob and Helm, but can also run standalone or with other job schedulers like Nomad.
golang kubernetes threat-detection detection-engineering
Created 2024-09-30
11 commits to main branch, last one 3 months ago
DataDog
threatest DataDog
22
322
apache-2.0
13
Threatest is a CLI and Go framework for end-to-end testing threat detection rules.
threat-detection continuous-security security-automation detection-engineering
Created 2022-06-16
99 commits to main branch, last one about a year ago
DataDog
grimoire DataDog
14
191
apache-2.0
3
Generate datasets of cloud audit logs for common attacks
purpleteaming cloud-security detection-engineering
Created 2023-01-24
48 commits to main branch, last one 4 months ago
nasbench
SIGMA-Resources nasbench
14
171
unknown
9
Resources To Learn And Understand SIGMA Rules
linux rules sigma awesome windows learning detection resources sigma-rules detection-engineering
Created 2021-10-10
13 commits to main branch, last one about a year ago
mthcht
Purpleteam mthcht
18
167
unknown
7
Purpleteam scripts simulation & Detection - trigger events for SOC detections
ioc soc siem linux awesome redteam tactics windows blueteam security detection purpleteam simulation techniques awesome-list mitre-attack threathunting threat-hunting offensive-scripts detection-engineering
Created 2022-12-05
726 commits to main branch, last one 15 days ago
0xrawsec
gene 0xrawsec
18
165
gpl-3.0
14
Signature engine for all your logs
dfir threat-hunting detection-engineering
Created 2017-07-20
114 commits to master branch, last one about a year ago
3CORESec
SIEGMA 3CORESec
21
144
agpl-3.0
10
SIEGMA - Transform Sigma rules into SIEM consumables
siem sigma security data-driven detection-engineering
Created 2020-09-28
232 commits to master branch, last one about a year ago
ControlCompass
ControlCompass.github.io ControlCompass
27
127
mit
6
Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques
soc siem infosec red-team security detection red-teaming intelligence mitre-attack cybersecurity security-tools threat-hunting security-operations threat-intelligence information-security detection-engineering
Created 2022-01-24
182 commits to main branch, last one 2 years ago
lawndoc
AdvancedHuntingQueries lawndoc
17
114
unlicense
5
Microsoft 365 Advanced Hunting Queries with hotlinks that plug the query right into your tenant
kql xdr kusto hunting defender security detection microsoft defender-atp microsoft365 cybersecurity cyber-security threat-hunting defender-for-endpoint detection-engineering
Created 2021-08-13
140 commits to main branch, last one 5 months ago
mvelazc0
attack2jira mvelazc0
29
111
bsd-3-clause
8
attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage
mitre mitre-attack attack-coverage detection-engineering
Created 2019-10-02
48 commits to master branch, last one about a year ago
mthcht
ThreatHunting-Keywords-yara-rules mthcht
12
90
other
6
yara detection rules for hunting with the threathunting-keywords project
dfir hunting blueteam hacktools yara-rules awesome-list yara-scanner threat-hunting yara-forensics forensics-tools yara-signatures incident-response offensive-security threat-intelligence detection-engineering
Created 2023-10-19
111 commits to main branch, last one 27 days ago
anvilogic-forge
armory anvilogic-forge
5
88
gpl-3.0
5
Anvilogic Forge
splunk detection snowflake threat-hunting detection-engineering
Created 2024-02-05
792 commits to main branch, last one 22 days ago
bradleyjkemp
sigma-go bradleyjkemp
18
85
mit
5
A Go implementation and parser for Sigma rules.
sigma detection-engineering
Created 2020-09-10
70 commits to main branch, last one 4 months ago
0xAnalyst
DefenderATPQueries 0xAnalyst
8
77
gpl-3.0
2
Hunting Queries for Defender ATP
kql sentinel microsoft defender-atp threat-hunting detection-rules detection-engineering
Created 2023-09-12
276 commits to main branch, last one about a month ago
adrianlois
DFIR-Detection-Engineering adrianlois
11
75
gpl-3.0
2
Digital Forensics Incident Response and Detection engineering: Análisis forense de artefactos comunes y no tan comunes. Técnicas anti-forense y detección de técnicas utilizadas por actores maliciosos ...
dfir tips linux macosx tricks forense malware windows security artefacts deteccion forensics artefactos evidencias anti-forense cybersecurity digital-forensics incident-response detection-engineering
Created 2023-06-26
262 commits to main branch, last one 2 months ago
AttackIQ
SigmAIQ AttackIQ
12
71
lgpl-2.1
1
A pySigma wrapper and langchain toolkit for automatic rule creation/translation
llm sigma python3 security langchain sigma-rules security-tools detection-engineering
Created 2023-06-13
74 commits to master branch, last one about a month ago