30 results found Sort:
- Filter by Primary Language:
- Python (9)
- Go (5)
- Jupyter Notebook (3)
- Java (2)
- JavaScript (1)
- HTML (1)
- Rust (1)
- +
✨ A curated list of awesome threat detection and hunting resources 🕵️♂️
Created
2018-01-13
148 commits to master branch, last one about a year ago
This repository has no description...
Created
2020-06-17
2,731 commits to main branch, last one a day ago
:cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud
Created
2022-01-07
732 commits to main branch, last one about a month ago
Proactive, Open source API security → API discovery, API Security Posture, Testing in CI/CD, Test Library with 1000+ Tests, Add custom tests, Sensitive data exposure
Created
2023-01-31
6,665 commits to master branch, last one a day ago
Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying m...
Created
2020-09-26
130 commits to main branch, last one 7 days ago
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
Created
2020-09-01
470 commits to master branch, last one 16 days ago
Threat-hunting tool for Linux
Created
2023-06-21
593 commits to main branch, last one 18 days ago
Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).
Created
2020-11-02
31 commits to main branch, last one about a month ago
A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 Defender).
Created
2022-07-19
366 commits to main branch, last one 16 days ago
select * from logs; Tailpipe is an open source SIEM for instant log insights, powered by DuckDB. Analyze millions of events in seconds, right from your terminal.
Created
2024-04-18
363 commits to develop branch, last one 7 days ago
A flexible threat detection platform that simplifies rule management and deployment using K8s CronJob and Helm, but can also run standalone or with other job schedulers like Nomad.
Created
2024-09-30
11 commits to main branch, last one 6 months ago
Community Security Analytics provides a set of community-driven audit & threat queries for Google Cloud
Created
2022-01-11
288 commits to main branch, last one 10 months ago
Threatest is a CLI and Go framework for end-to-end testing threat detection rules.
Created
2022-06-16
99 commits to main branch, last one about a year ago
Enterprise-ready SIEM, SOAR and Compliance powered by real-time correlation and threat intelligence.
Created
2023-09-19
1,959 commits to main branch, last one 2 days ago
pretrained BERT model for cyber security text, learned CyberSecurity Knowledge
apt
nlp
bert
security
attention
deeplearning
transformers
cybersecurity
cyber-security
threat-hunting
bert-embeddings
threat-analysis
threat-detection
security-automation
threat-intelligence
transformer-encoder
nlp-machine-learning
deep-learning-security
cyber-threat-intelligence
machine-learning-security
Created
2020-10-27
18 commits to main branch, last one about a year ago
Bypass 403
Created
2023-09-14
46 commits to main branch, last one 2 months ago
Crawlector is a threat hunting framework designed for scanning websites for malicious objects.
Created
2021-02-01
79 commits to main branch, last one about a year ago
ThreatSeeker: Threat Hunting via Windows Event Logs
Created
2023-04-11
4 commits to master branch, last one about a year ago
Online resources related to Detection Engineering. Detection rules, detection logic, attack samples, detection tests and emulation tools, logging configuration and best practices, event log reference...
Created
2025-01-26
242 commits to main branch, last one 3 days ago
SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and, serverless technologies to cont...
Created
2020-04-21
90 commits to master branch, last one 3 years ago
🧰 ESXi Testing Tookit is a command-line utility designed to help security teams test ESXi detections.
Created
2024-12-15
124 commits to main branch, last one 5 days ago
Flash-IDS is an open-source system developed by the DART Laboratory for advanced intrusion detection using provenance graph representation learning. It implements the techniques presented in our IEEE ...
Created
2023-10-28
3 commits to main branch, last one 11 months ago
Sigma detection rules for hunting with the threathunting-keywords project
Created
2023-08-02
88 commits to main branch, last one about a month ago
An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
Created
2021-11-21
6 commits to main branch, last one 3 years ago
Threat Detection & Anomaly Detection rules for popular open-source components
Created
2020-08-07
31 commits to master branch, last one 2 years ago
An index of publicly available and open-source threat detection rulesets.
Created
2025-04-04
2 commits to main branch, last one 15 days ago
To be used with tools like GoBuster & DirBuster but these lists are specifically tailored and designed for scanning phishing <>< landing pages and other malicious or sketch af financial/crypto fraud w...
Created
2023-01-26
176 commits to main branch, last one 8 days ago
An ongoing & curated collection of awesome software best practices and remediation techniques, libraries and frameworks, E-books and videos, Technical guidelines and important resources about Threat D...
Created
2021-12-12
13 commits to main branch, last one 2 years ago
A simple tool designed to create Atomic Red Team tests with ease.
Created
2024-11-22
23 commits to main branch, last one about a month ago
A fast, customizable service detection tool powered by a flexible fingerprint system. It helps you identify services, APIs, and network configurations across your infrastructure.
Created
2024-11-06
109 commits to main branch, last one 2 months ago