GitHub topics: detection-engineering
Cursed271/CipherStrike
Ransomware simulation framework built in Python. Includes encryption, exfiltration, and C2 server capabilities to test and validate EDR detections in controlled environments.
Language: Python - Size: 538 KB - Last synced at: 29 minutes ago - Pushed at: about 2 hours ago - Stars: 0 - Forks: 0

BushidoUK/Ransomware-Tool-Matrix
A resource containing all the tools each ransomware gang uses
Size: 757 KB - Last synced at: about 10 hours ago - Pushed at: about 12 hours ago - Stars: 1,122 - Forks: 124

ClearLotus-git/bnrp-detection-lab
LLMNR/NBT-NS Detection
Language: PowerShell - Size: 87.9 KB - Last synced at: about 13 hours ago - Pushed at: about 14 hours ago - Stars: 0 - Forks: 0

penxpkj/Defensive-Security-Hub
Defensive Security Hub: A curated collection of essential resources, tools, and references for Security Operations Center (SOC) analysts. This repository aims to support your security efforts and enhance your skills. 🌐🔒
Size: 25.4 KB - Last synced at: about 21 hours ago - Pushed at: about 24 hours ago - Stars: 1 - Forks: 0

Chintan2604/forensic
All-in-one Docker container for digital investigation, including preinstalled tools for forensic analysis of disks, memory, malware and mobile devices.
Language: Dockerfile - Size: 11.7 KB - Last synced at: about 22 hours ago - Pushed at: 1 day ago - Stars: 0 - Forks: 0

Nidhi2302/TIE-mcp-server
🔒 AI-powered MITRE ATT&CK technique prediction server using machine learning for cybersecurity threat intelligence and attack progression forecasting
Language: Python - Size: 974 KB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 0 - Forks: 0

xpinux/Project-SABER
Project-SABER: A repository of KQL queries and parsers for threat hunting, threat detection, and log parsing in Microsoft Sentinel & Microsoft XDR (formerly Microsoft 365 Defender)
Size: 140 KB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 2 - Forks: 0

mthcht/awesome-lists
Awesome Security lists for SOC/CERT/CTI
Language: YARA - Size: 24 GB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 1,097 - Forks: 140

oliviagallucci/og-apple-security
my notes on Apple security 💻🍏
Language: Objective-C - Size: 58.7 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 10 - Forks: 0

LasCC/SentinelOne-Userscript
A userscript that enhances the SentinelOne PowerQuery interface with a custom threat hunting button that follows the website's UI/UX design.
Language: JavaScript - Size: 305 KB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 5 - Forks: 0

infosecB/awesome-detection-engineering
Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying malicious or unauthorized activity before it negatively impacts an individual or an organization.
Size: 130 KB - Last synced at: 4 days ago - Pushed at: 2 months ago - Stars: 1,044 - Forks: 101

splunk/security_content
Splunk Security Content
Language: Python - Size: 291 MB - Last synced at: 6 days ago - Pushed at: 9 days ago - Stars: 1,484 - Forks: 418

fpeakman/KQL-Detections-Hunting
A collection of Mitre ATT&CK aligned KQL detection and audit queries for Defender XDR.
Size: 44.9 KB - Last synced at: 9 days ago - Pushed at: 9 days ago - Stars: 0 - Forks: 0

brianbrandson/kql-threat-hunting-cases
Case-based KQL investigations (KC7 + homelab) for blue-team threat hunting and incident response.
Size: 559 KB - Last synced at: 9 days ago - Pushed at: 9 days ago - Stars: 0 - Forks: 0

runreveal/runreveal-docs
The code powering RunReveal's documentation.
Language: MDX - Size: 33.7 MB - Last synced at: 10 days ago - Pushed at: 10 days ago - Stars: 3 - Forks: 3

st0pp3r/awesome-detection-engineer
Online resources related to Detection Engineering. Detection rules, detection logic, attack samples, detection tests and emulation tools, logging configuration and best practices, event log references, resources, labs, data manipulation online tools, blogs, newsletters, good reads, books, trainings, podcasts, videos and twitter/x accounts.
Language: HTML - Size: 512 KB - Last synced at: 10 days ago - Pushed at: about 2 months ago - Stars: 115 - Forks: 15

anvilogic-forge/armory
Anvilogic Forge
Size: 2.38 MB - Last synced at: 12 days ago - Pushed at: 12 days ago - Stars: 106 - Forks: 7

XnXaka10AgeRiots/Security-Incident-Response-Playbooks
🔒 Streamline security responses with playbooks for data breaches, DDoS attacks, and ransomware, complete with step-by-step guides and automation scripts.
Language: Python - Size: 19.5 KB - Last synced at: 10 days ago - Pushed at: 10 days ago - Stars: 0 - Forks: 0

mthcht/ThreatHunting-Keywords
Awesome list of keywords and artifacts for Threat Hunting sessions
Language: PowerShell - Size: 216 MB - Last synced at: 10 days ago - Pushed at: about 1 month ago - Stars: 599 - Forks: 74

OmarHassan-99/Elastic-API-Threat-Detection-Rules
Practical guide to ElasticSearch & Kibana covering CRUD operations, ingestion pipelines, and custom threat detection rules for suspicious PowerShell activity on Windows. Includes tested scenarios with log shipping using Winlogbeat.
Size: 2.3 MB - Last synced at: 13 days ago - Pushed at: 13 days ago - Stars: 0 - Forks: 0

mthcht/Purpleteam
Purpleteam scripts simulation & Detection - trigger events for SOC detections
Language: PowerShell - Size: 39.5 MB - Last synced at: 10 days ago - Pushed at: 9 months ago - Stars: 188 - Forks: 20

Syedwaqas768/Homelab---Enterprise-101
🖥️ Build a homelab simulating enterprise security with Active Directory, Wazuh, and controlled attack scenarios for hands-on defense learning.
Size: 227 KB - Last synced at: 17 days ago - Pushed at: 17 days ago - Stars: 0 - Forks: 0

MrM8BRH/Defensive-Security-Hub
A curated collection of essential resources, tools, and references for Security Operations Center (SOC) analysts.
Size: 4.02 MB - Last synced at: 18 days ago - Pushed at: 18 days ago - Stars: 8 - Forks: 1

panther-labs/pypanther
A Pythonic Detection Rules Framework
Language: Python - Size: 3.16 MB - Last synced at: 18 days ago - Pushed at: 18 days ago - Stars: 11 - Forks: 2

mthcht/ThreatHunting-Keywords-yara-rules
yara detection rules for hunting with the threathunting-keywords project
Language: YARA - Size: 86.4 MB - Last synced at: 8 days ago - Pushed at: 4 months ago - Stars: 127 - Forks: 18

OmarHassan-99/ELK-Stack-Security-Monitoring
Step-by-step setup of an ELK Stack (Elasticsearch, Kibana, Fluent Bit, Winlogbeat) for log ingestion, visualization, and threat detection. Includes installation on Ubuntu & Windows, data integration, and detection rules to simulate suspicious activity.
Size: 2.84 MB - Last synced at: 21 days ago - Pushed at: 21 days ago - Stars: 0 - Forks: 0

Digital-Defense-Institute/lc-detectionforge
A specialized environment for crafting, validating, and testing LimaCharlie detection rules
Language: Vue - Size: 388 KB - Last synced at: 7 days ago - Pushed at: 24 days ago - Stars: 15 - Forks: 3

rigelnoble/detections
Size: 12.7 KB - Last synced at: 25 days ago - Pushed at: 25 days ago - Stars: 0 - Forks: 0

Aamir-Muhammad/CrowdStrike-Queries
CrowdStrike Falcon Advanced Threat Hunting Queries
Size: 63.5 KB - Last synced at: 26 days ago - Pushed at: 26 days ago - Stars: 2 - Forks: 0

AlbinoGazelle/esxi-testing-toolkit
🧰 ESXi Testing Toolkit is a command-line utility designed to help security teams test ESXi detections.
Language: Python - Size: 13 MB - Last synced at: 1 day ago - Pushed at: 5 months ago - Stars: 78 - Forks: 10

PhiAu1030/Homelab---Enterprise-101
Homelab project built by following Enterprise 101 guide. Configured Active Directory, Wazuh (SIEM), MailHog for simulated enterprise defense, and simulation attacks for offense, with troubleshooting and documentation.
Size: 271 KB - Last synced at: 26 days ago - Pushed at: 26 days ago - Stars: 0 - Forks: 0

ndr-repo/awesome-threat-hunting
Size: 73.2 KB - Last synced at: 12 days ago - Pushed at: 27 days ago - Stars: 0 - Forks: 0

varppi/LiteCanary
Self hostable canary alerts
Language: Go - Size: 46.9 KB - Last synced at: 15 days ago - Pushed at: 29 days ago - Stars: 0 - Forks: 0

certeu/droid
A pySigma wrapper to manage detection rules.
Language: Python - Size: 272 KB - Last synced at: 16 days ago - Pushed at: 16 days ago - Stars: 40 - Forks: 5

darkquasar/purplerepo
🛡️⚔️ Curated GitHub repos for Defensive & Offensive Cyber Tradecraft
Language: TypeScript - Size: 17.4 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 3 - Forks: 2

DataDog/grimoire
Generate datasets of cloud audit logs for common attacks
Language: Go - Size: 1.11 MB - Last synced at: 10 days ago - Pushed at: about 1 year ago - Stars: 218 - Forks: 20

0x1f6/active-directory-security-research-toolkit
Language: Python - Size: 37.1 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 1 - Forks: 0

muchdogesec/siemrules
An API that takes a txt file containing threat intelligence and turns it into a detection rule.
Language: Python - Size: 329 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 1 - Forks: 1

muchdogesec/txt2detection
A command line tool that takes a txt file containing threat intelligence and turns it into a detection rule.
Language: Python - Size: 395 KB - Last synced at: 27 days ago - Pushed at: 27 days ago - Stars: 7 - Forks: 1

adrianlois/DFIR-Detection-Engineering
Digital Forensics Incident Response and Detection engineering: Forensic analysis of common and not-so-common artifacts. Anti-forensic techniques and detection of techniques used by malicious actors to evade protection and monitoring systems.
Size: 1.3 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 83 - Forks: 12

nasbench/SIGMA-Resources
Resources To Learn And Understand SIGMA Rules
Size: 13.7 KB - Last synced at: 10 days ago - Pushed at: over 2 years ago - Stars: 180 - Forks: 13

TTLNinja/madlibs
DNS sourced Mad Lib Game
Language: HTML - Size: 179 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 0 - Forks: 0

mannyfred/MentalTi
Mentally ill EtwTi parser
Language: C++ - Size: 248 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 63 - Forks: 3

DataDog/threatest
Threatest is a CLI and Go framework for end-to-end testing threat detection rules.
Language: Go - Size: 382 KB - Last synced at: about 2 months ago - Pushed at: 4 months ago - Stars: 331 - Forks: 24

integrateddefense/lab_infra
Infrastructure as Code for the home lab
Size: 1.23 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 0 - Forks: 0

Gamlive11/og-apple-security
Explore notes on Apple security, focusing on macOS detection engineering and threat hunting. Enhance your skills with resources and practical insights. 🐙🍏
Size: 1.95 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 0 - Forks: 0

mvelazc0/PurpleSharp
PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monitored Windows environments
Language: C# - Size: 859 KB - Last synced at: about 2 months ago - Pushed at: 9 months ago - Stars: 813 - Forks: 111

BenjiTrapp/aws-threat-hunting
Short deep dive into Threat Hunting on AWS
Language: Jupyter Notebook - Size: 234 MB - Last synced at: 7 days ago - Pushed at: almost 2 years ago - Stars: 13 - Forks: 2

rfackroyd/detection-engineering-starter-pack
A starter pack of resources to help you get started in Detection Engineering.
Size: 18.6 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 110 - Forks: 16

jacobstickney/ThreatActorProcedures-MITRE-ATTACK
A collection of specific commands used by threat actors, detailing their procedural implementations of tactics and techniques from the MITRE ATT&CK framework.
Size: 126 KB - Last synced at: 3 days ago - Pushed at: 7 months ago - Stars: 8 - Forks: 3

panther-labs/pypanther-starter-kit
A Python-native Detection as Code Framework
Language: Python - Size: 401 KB - Last synced at: 26 days ago - Pushed at: 3 months ago - Stars: 17 - Forks: 6

Guilh6924/grimoire
Create professional EPUBs effortlessly with Grimoire. Perfect for authors, bloggers, and educators. Start writing today! 🚀📚
Language: JavaScript - Size: 117 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 0 - Forks: 0

DataDog/stratus-red-team
:cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud
Language: Go - Size: 3.8 MB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 2,043 - Forks: 246

texasbe2trill/sigma-linux-backend
A lightweight, standalone implementation for Sigma rule evaluation when the full pySigma backend ecosystem isn't available or when you need a simple, dependency-light solution.
Language: Python - Size: 46.9 KB - Last synced at: 1 day ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0

lawndoc/AdvancedHuntingQueries
Microsoft 365 Advanced Hunting Queries with hotlinks that plug the query right into your tenant.
Size: 327 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 124 - Forks: 17

center-for-threat-informed-defense/m3tid
The Measure, Maximize, and Mature Threat-Informed Defense (M3TID) project defines what Threat-Informed Defense (TID) is and the key activities associated with its practice.
Language: Makefile - Size: 5.69 MB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 16 - Forks: 3

muchdogesec/awesome_detection_rules
A curated list of Awesome Detection Rules
Size: 5.86 KB - Last synced at: 1 day ago - Pushed at: 9 months ago - Stars: 1 - Forks: 1

TracecatHQ/hunts
🐻❄️ 🏹 Threat hunting with Polars and flaws.cloud AWS CloudTrail datasets.
Language: Jupyter Notebook - Size: 69.3 KB - Last synced at: 3 months ago - Pushed at: over 1 year ago - Stars: 11 - Forks: 1

certeu/moriohub
No need to re-invent the observability wheel. What you need is perhaps already on Moriohub!
Language: JavaScript - Size: 150 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 1 - Forks: 2

pop-ecx/sigma-ls
A minimal language server to help in writing sigma rules
Language: Python - Size: 31.2 MB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 1 - Forks: 0

lolc2/lolc2.github.io
lolC2 is a collection of C2 frameworks that leverage legitimate services to evade detection
Language: HTML - Size: 37.5 MB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 209 - Forks: 18

wai-htet/Threat-Detection-Pipeline
A modular, containerized cybersecurity pipeline that simulates real-time threat detection, centralized logging (SIEM), and automated incident response (SOAR). Built for scalability, automation, and real-world detection engineering.
Language: Python - Size: 3.91 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0

matanolabs/matano
Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
Language: Rust - Size: 11 MB - Last synced at: 3 months ago - Pushed at: 8 months ago - Stars: 1,559 - Forks: 111

Cyb3r-Monk/Threat-Hunting-and-Detection
Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL (Kusto Query Language).
Language: Jupyter Notebook - Size: 407 KB - Last synced at: 3 months ago - Pushed at: 6 months ago - Stars: 731 - Forks: 105

mf1d3l/HayabusaToWinEventLog
Hayabusa to the SIEM made easy
Language: PowerShell - Size: 531 KB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 0 - Forks: 0

mikeroyal/Open-Source-Security-Guide
Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.
Language: Go - Size: 655 KB - Last synced at: 4 months ago - Pushed at: over 1 year ago - Stars: 965 - Forks: 86

infosecB/generate_attacknav_layer
A Python CLI utility for quickly converting a list or text file of MITRE ATT&CK technique IDs to a MITRE ATT&CK Navigator layer .JSON file.
Language: Python - Size: 33 MB - Last synced at: 3 months ago - Pushed at: almost 4 years ago - Stars: 4 - Forks: 0

mikeroyal/Digital-Forensics-Guide
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
Language: Python - Size: 367 KB - Last synced at: 4 months ago - Pushed at: over 1 year ago - Stars: 1,897 - Forks: 223

bradleyjkemp/sigma-go
A Go implementation and parser for Sigma rules.
Language: Go - Size: 357 KB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 89 - Forks: 18

center-for-threat-informed-defense/summiting-the-pyramid
Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research includes a scoring model, methodology, and worked examples.
Language: Makefile - Size: 22 MB - Last synced at: 3 months ago - Pushed at: 4 months ago - Stars: 41 - Forks: 3

AttackIQ/SigmAIQ
A pySigma wrapper and langchain toolkit for automatic rule creation/translation
Language: Python - Size: 1.49 MB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 81 - Forks: 12

0xrawsec/gene
Signature engine for all your logs
Language: Go - Size: 5.64 MB - Last synced at: 3 months ago - Pushed at: almost 2 years ago - Stars: 170 - Forks: 19

nasbench/Eventlog_Compendium
The Eventlog Compendium is the go-to resource for understanding Windows Event Logs.
Language: Python - Size: 149 MB - Last synced at: 4 months ago - Pushed at: 5 months ago - Stars: 37 - Forks: 3

LogCraftIO/logcraft-cli
Detection-as-Code CI/CD pipeline for modern security operations (SIEM, EDR, XDR, ...)
Language: Rust - Size: 592 KB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 21 - Forks: 1

Arizona-Cyber-Threat-Response-Alliance/rmm-detection
A repository for tools and resources for detecting and managing RMM in enterprise environments.
Size: 640 KB - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 4 - Forks: 2

rhejos/soc-detection-lab
Detection engineering lab using Splunk, Sigma, and Windows logs — mapped to MITRE ATT&CK
Size: 1.95 KB - Last synced at: 4 months ago - Pushed at: 5 months ago - Stars: 0 - Forks: 0

armandoariasinfosec/splunk-brute-force-detection-lab
Detect and alert brute-force RDP attacks using Splunk, Windows logs, and a simulated Kali Linux attacker. Home lab project.
Size: 7.81 KB - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 0 - Forks: 0

Samriddhi5/incident-response-playbooks
Incident response playbooks and templates for real-world security scenarios
Size: 0 Bytes - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 0 - Forks: 0

0xAnalyst/DefenderATPQueries
Hunting Queries for Defender ATP
Size: 349 KB - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 81 - Forks: 8

infosecB/Rulehound
An index of publicly available and open-source threat detection rulesets.
Size: 286 KB - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 1 - Forks: 0

runreveal/pql
Pipelined Query Language
Language: Go - Size: 215 KB - Last synced at: 5 months ago - Pushed at: 8 months ago - Stars: 649 - Forks: 25

infosecB/detection-as-code
An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
Language: Python - Size: 33.2 KB - Last synced at: 5 months ago - Pushed at: over 3 years ago - Stars: 55 - Forks: 14

sbousseaden/EVTX-ATTACK-SAMPLES
Windows Events Attack Samples
Language: HTML - Size: 6.05 MB - Last synced at: 6 months ago - Pushed at: over 2 years ago - Stars: 2,322 - Forks: 413

krdmnbrk/atomicgen.io
A simple tool designed to create Atomic Red Team tests with ease.
Language: JavaScript - Size: 722 KB - Last synced at: 6 months ago - Pushed at: 6 months ago - Stars: 37 - Forks: 4

3CORESec/SIEGMA
SIEGMA - Transform Sigma rules into SIEM consumables
Language: Python - Size: 1.01 MB - Last synced at: 6 months ago - Pushed at: 6 months ago - Stars: 149 - Forks: 23

mthcht/ThreatHunting-Keywords-sigma-rules
Sigma detection rules for hunting with the threathunting-keywords project
Language: Python - Size: 176 MB - Last synced at: 6 months ago - Pushed at: 6 months ago - Stars: 54 - Forks: 7

ndr-repo/Win-EventLog-IR-Filters
Windows Event Log filters for cybersecurity incident response, DFIR/forensic event log analysis, and IT risk management.
Size: 21.5 KB - Last synced at: 2 months ago - Pushed at: 6 months ago - Stars: 0 - Forks: 0

erickatwork/threat-detection-engineering-reference
Resource for all things threat detection
Size: 3.98 MB - Last synced at: 7 months ago - Pushed at: 7 months ago - Stars: 9 - Forks: 0

krdmnbrk/AttackRuleMap
Mapping of open-source detection rules and atomic tests.
Size: 1.65 MB - Last synced at: 8 months ago - Pushed at: 8 months ago - Stars: 72 - Forks: 7

qasimqlf/StepbyStep_CyberSecurity
A Step by Step Guide for Cyber Security Beginners to Jump into the right path
Size: 41.1 MB - Last synced at: 8 months ago - Pushed at: almost 3 years ago - Stars: 8 - Forks: 11

madret/elastic
Elastic stack detection lab setup with Docker.
Size: 27.3 KB - Last synced at: 6 months ago - Pushed at: 9 months ago - Stars: 0 - Forks: 0

H3llKa1ser/SOC-Assistant-Guide
A Security Operations playbook to assist blue teamers from day-to-day tasks to Digital Forensics and Incident Response (DFIR) activities.
Size: 182 KB - Last synced at: 9 months ago - Pushed at: 9 months ago - Stars: 9 - Forks: 2

BlakeHensleyy/rules-to-nav
Convert threat detection rules in various formats to an ATT&CK Navigator file.
Language: Python - Size: 315 KB - Last synced at: 8 months ago - Pushed at: 8 months ago - Stars: 0 - Forks: 0

nianticlabs/venator
A flexible threat detection platform that simplifies rule management and deployment using K8s CronJob and Helm, but can also run standalone or with other job schedulers like Nomad.
Language: Go - Size: 356 KB - Last synced at: 10 months ago - Pushed at: 11 months ago - Stars: 353 - Forks: 19

lukejjh/MicrosoftSentinel
An assortment of resources pertaining to Defender XDR and Microsoft Sentinel, such as KQL hunting queries and workbooks.
Size: 3.02 MB - Last synced at: 10 months ago - Pushed at: 10 months ago - Stars: 1 - Forks: 0

deadbits/trs
🔭 Threat report analysis via LLM and Vector DB
Language: Python - Size: 1.29 MB - Last synced at: 5 months ago - Pushed at: almost 2 years ago - Stars: 9 - Forks: 1

2O0K/Sentinel-Rules
Updated Sigma2KQL script written by @CodeByHarri + Generating Analytics & Hunting Rules ready for Sentinel Deployment
Language: Python - Size: 6.79 MB - Last synced at: 4 months ago - Pushed at: about 1 year ago - Stars: 2 - Forks: 0

conway87/HEG-BeefEater
Language: PowerShell - Size: 406 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 0

conway87/HEG-3.0
Language: PowerShell - Size: 420 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 0

norandom/log2ml
Master Thesis: Development and Evaluation of Software for Forensic Log-Analysis Using Machine Learning and Genetic Programming
Language: Jupyter Notebook - Size: 3.39 MB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 0
