28 results found Sort:
- Filter by Primary Language:
- Python (9)
- Go (5)
- Jupyter Notebook (2)
- Java (2)
- JavaScript (1)
- HTML (1)
- Rust (1)
- +
✨ A curated list of awesome threat detection and hunting resources 🕵️♂️
Created
2018-01-13
148 commits to master branch, last one about a year ago
This repository has no description...
Created
2020-06-17
2,653 commits to main branch, last one 3 days ago
:cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud
Created
2022-01-07
728 commits to main branch, last one 7 days ago
Proactive, Open source API security → API discovery, API Security Posture, Testing in CI/CD, Test Library with 1000+ Tests, Add custom tests, Sensitive data exposure
Created
2023-01-31
5,962 commits to master branch, last one 11 hours ago
Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying m...
Created
2020-09-26
129 commits to main branch, last one about a month ago
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
Created
2020-09-01
451 commits to master branch, last one 4 days ago
Threat-hunting tool for Linux
Created
2023-06-21
590 commits to main branch, last one 14 days ago
Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).
Created
2020-11-02
30 commits to main branch, last one 2 months ago
A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 Defender).
Created
2022-07-19
358 commits to main branch, last one 26 days ago
A flexible threat detection platform that simplifies rule management and deployment using K8s CronJob and Helm, but can also run standalone or with other job schedulers like Nomad.
Created
2024-09-30
11 commits to main branch, last one 5 months ago
select * from logs; Tailpipe is an open source SIEM for instant log insights, powered by DuckDB. Analyze millions of events in seconds, right from your terminal.
Created
2024-04-18
256 commits to develop branch, last one 6 days ago
Community Security Analytics provides a set of community-driven audit & threat queries for Google Cloud
Created
2022-01-11
288 commits to main branch, last one 9 months ago
Threatest is a CLI and Go framework for end-to-end testing threat detection rules.
Created
2022-06-16
99 commits to main branch, last one about a year ago
Enterprise-ready SIEM, SOAR and Compliance powered by real-time correlation and threat intelligence.
Created
2023-09-19
1,789 commits to main branch, last one 3 days ago
pretrained BERT model for cyber security text, learned CyberSecurity Knowledge
apt
nlp
bert
security
attention
deeplearning
transformers
cybersecurity
cyber-security
threat-hunting
bert-embeddings
threat-analysis
threat-detection
security-automation
threat-intelligence
transformer-encoder
nlp-machine-learning
deep-learning-security
cyber-threat-intelligence
machine-learning-security
Created
2020-10-27
18 commits to main branch, last one about a year ago
Bypass 403
Created
2023-09-14
46 commits to main branch, last one 23 days ago
Crawlector is a threat hunting framework designed for scanning websites for malicious objects.
Created
2021-02-01
79 commits to main branch, last one about a year ago
ThreatSeeker: Threat Hunting via Windows Event Logs
Created
2023-04-11
4 commits to master branch, last one about a year ago
SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and, serverless technologies to cont...
Created
2020-04-21
90 commits to master branch, last one 3 years ago
Online resources related to Detection Engineering. Detection rules, detection logic, attack samples, detection tests and emulation tools, logging configuration and best practices, event log reference...
Created
2025-01-26
218 commits to main branch, last one 14 days ago
🧰 ESXi Testing Tookit is a command-line utility designed to help security teams test ESXi detections.
Created
2024-12-15
118 commits to main branch, last one about a month ago
Sigma detection rules for hunting with the threathunting-keywords project
Created
2023-08-02
88 commits to main branch, last one 8 days ago
An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
Created
2021-11-21
6 commits to main branch, last one 2 years ago
Threat Detection & Anomaly Detection rules for popular open-source components
Created
2020-08-07
31 commits to master branch, last one 2 years ago
An ongoing & curated collection of awesome software best practices and remediation techniques, libraries and frameworks, E-books and videos, Technical guidelines and important resources about Threat D...
Created
2021-12-12
13 commits to main branch, last one 2 years ago
A simple tool designed to create Atomic Red Team tests with ease.
Created
2024-11-22
22 commits to main branch, last one 2 months ago
A fast, customizable service detection tool powered by a flexible fingerprint system. It helps you identify services, APIs, and network configurations across your infrastructure.
Created
2024-11-06
109 commits to main branch, last one about a month ago
To be used with tools like GoBuster & DirBuster but these lists are specifically tailored and designed for scanning phishing <>< landing pages and other malicious or sketch af financial/crypto fraud w...
Created
2023-01-26
162 commits to main branch, last one 9 days ago