20 results found Sort:

0x4D31
awesome-threat-detection 0x4D31
660
3.8k
unknown
194
✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️
awesome security detection awesome-list threat-hunting threat-detection incident-response
Created 2018-01-13
148 commits to master branch, last one about a year ago
DataDog
stratus-red-team DataDog
215
1.8k
apache-2.0
38
:cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud
aws security purple-team aws-security gcp-security mitre-attack azure-security cloud-security threat-detection adversary-emulation kubernetes-security cloud-native-security detection-engineering
Created 2022-01-07
694 commits to main branch, last one 9 days ago
akto-api-security
akto akto-api-security
204
1.1k
mit
17
Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure
idor security devsecops api-testing api-security owasp-top-10 api-discovery authorization hacktoberfest authentication security-testing threat-detection hacktoberfest2023 devsecops-pipeline api-security-testing sensitive-data-exposure
Created 2023-01-31
4,935 commits to master branch, last one a day ago
thalesgroup-cert
Watcher thalesgroup-cert
125
865
agpl-3.0
39
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
misp nltk osint django webapp reactjs thehive watcher phishing security certstream monitoring rss-bridge osint-python cybersecurity threat-hunting threat-detection incident-response threat-intelligence certificate-transparency
Created 2020-09-01
412 commits to master branch, last one 14 days ago
infosecB
awesome-detection-engineering infosecB
77
850
cc0-1.0
28
Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying m...
mitre splunk awesome awesome-list cybersecurity threat-detection detection-engineering
Created 2020-09-26
125 commits to main branch, last one 2 months ago
Cyb3r-Monk
Threat-Hunting-and-Detection Cyb3r-Monk
102
643
bsd-3-clause
29
Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).
kql dfir cybersecurity kusto-language threat-hunting threat-detection microsoft-sentinel defender-for-endpoint detection-engineering
Created 2020-11-02
24 commits to main branch, last one 6 days ago
cyb3rmik3
KQL-threat-hunting-queries cyb3rmik3
69
601
mit
15
A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 Defender).
kql kusto security sentinel microsoft kusto-query threat-hunt microsoftxdr microsoft-365 microsoft-xdr securitycenter threat-hunting threat-detecting threat-detection microsoft-security microsoft-sentinel kusto-query-language microsoft-365-defender microsoft-365-security
Created 2022-07-19
343 commits to main branch, last one 17 days ago
kunai-project
kunai kunai-project
22
392
gpl-3.0
10
Threat-hunting tool for Linux
ebpf linux threat-hunting threat-detection security-monitoring
Created 2023-06-21
506 commits to main branch, last one 23 hours ago
nianticlabs
venator nianticlabs
19
352
mit
4
A flexible threat detection platform that simplifies rule management and deployment using K8s CronJob and Helm, but can also run standalone or with other job schedulers like Nomad.
golang kubernetes threat-detection detection-engineering
Created 2024-09-30
11 commits to main branch, last one about a month ago
GoogleCloudPlatform
security-analytics GoogleCloudPlatform
69
325
apache-2.0
27
Community Security Analytics provides a set of community-driven audit & threat queries for Google Cloud
gcp logging bigquery security chronicle audit-logs google-cloud network-logs log-analytics network-analysis threat-detection security-operations cloud-security-command-center
Created 2022-01-11
288 commits to main branch, last one 5 months ago
DataDog
threatest DataDog
22
319
apache-2.0
13
Threatest is a CLI and Go framework for end-to-end testing threat detection rules.
threat-detection continuous-security security-automation detection-engineering
Created 2022-06-16
99 commits to main branch, last one 11 months ago
jackaduma
SecBERT jackaduma
28
158
mit
8
pretrained BERT model for cyber security text, learned CyberSecurity Knowledge
apt nlp bert security attention deeplearning transformers cybersecurity cyber-security threat-hunting bert-embeddings threat-analysis threat-detection security-automation threat-intelligence transformer-encoder nlp-machine-learning deep-learning-security cyber-threat-intelligence machine-learning-security
Created 2020-10-27
18 commits to main branch, last one about a year ago
MFMokbel
Crawlector MFMokbel
10
125
mit
4
Crawlector is a threat hunting framework designed for scanning websites for malicious objects.
threat-hunting threat-detection malware-detection
Created 2021-02-01
79 commits to main branch, last one 12 months ago
spyboy-productions
WebSecProbe spyboy-productions
17
117
mit
2
Bypass 403
access-403 bypass-403 header-injection threat-detection url-manipulation payload-variations web-security-audit historical-analysis http-request-analysis security-assessment-tool vulnerability-assessment web-application-security wayback-machine-integration web-vulnerability-detection
Created 2023-09-14
45 commits to main branch, last one 3 months ago
ine-labs
ThreatSeeker ine-labs
13
114
mit
5
ThreatSeeker: Threat Hunting via Windows Event Logs
evtx sysmon threat windows log-analysis threat-detection threat-intelligence
Created 2023-04-11
4 commits to master branch, last one about a year ago
jonrau1
SyntheticSun jonrau1
16
76
gpl-3.0
8
SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and, serverless technologies to cont...
aws misp kibana guardduty sagemaker automation serverless geolocation aws-security data-science elasticsearch aws-serverless security-tools machine-learning threat-detection anomaly-detection incident-response data-visualization security-automation threat-intelligence
Created 2020-04-21
90 commits to master branch, last one 3 years ago
Loginsoft-LLC
threat-detection-rules Loginsoft-LLC
11
50
gpl-3.0
3
Threat Detection & Anomaly Detection rules for popular open-source components
siem sigma splunk elasticsearch threat-hunting threat-detection anomaly-detection
Created 2020-08-07
31 commits to master branch, last one 2 years ago
infosecB
detection-as-code infosecB
14
49
gpl-3.0
3
An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
blueteam cybersecurity threat-detection detection-engineering
Created 2021-11-21
6 commits to main branch, last one 2 years ago
mthcht
ThreatHunting-Keywords-sigma-rules mthcht
5
47
unknown
3
Sigma detection rules for hunting with the threathunting-keywords project
dfir siem blueteam sigma-rules mitre-attack threathunting threat-hunting detection-rules threat-detection forensicartifacts detection-engineering
Created 2023-08-02
84 commits to main branch, last one 18 days ago
paulveillard
cybersecurity-threat-detection paulveillard
8
37
mit
5
An ongoing & curated collection of awesome software best practices and remediation techniques, libraries and frameworks, E-books and videos, Technical guidelines and important resources about Threat D...
cybersecurity security-tools threat-blocker threat-hunting threat-monitor threat-analysis threat-explorer threat-modeling threat-response malware-analysis threat-detection malware-detection malware-development threat-intelligence encryption-decryption security-vulnerability threat-detection-policy
Created 2021-12-12
13 commits to main branch, last one 2 years ago