GitHub topics: detection-engineering
center-for-threat-informed-defense/summiting-the-pyramid
Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research includes a scoring model, methodology, and worked examples.
Language: Makefile - Size: 22 MB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 38 - Forks: 3
runreveal/runreveal-docs
The code powering RunReveal's documentation.
Language: MDX - Size: 27.4 MB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 3 - Forks: 2
muchdogesec/txt2detection
A command line tool that takes a txt file containing threat intelligence and turns it into a detection rule.
Language: Python - Size: 337 KB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 6 - Forks: 1
splunk/security_content
Splunk Security Content
Language: Python - Size: 290 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 1,414 - Forks: 396
infosecB/awesome-detection-engineering
Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying malicious or unauthorized activity before it negatively impacts an individual or an organization.
Size: 116 KB - Last synced at: about 16 hours ago - Pushed at: 24 days ago - Stars: 970 - Forks: 86
Chintan2604/forensic
Conteneur Docker tout-en-un pour l'investigation numérique, incluant des outils préinstallés pour l'analyse forensique de disques, mémoire, malwares et appareils mobiles.
Language: Dockerfile - Size: 11.7 KB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 0 - Forks: 0
mthcht/awesome-lists
Awesome Security lists for SOC/CERT/CTI
Language: YARA - Size: 11.1 GB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 959 - Forks: 117
certeu/droid
A pySigma wrapper to manage detection rules.
Language: Python - Size: 253 KB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 38 - Forks: 4
nasbench/Eventlog_Compendium
The Eventlog Compendium is the go-to resource for understanding Windows Event Logs.
Language: Python - Size: 149 MB - Last synced at: 5 days ago - Pushed at: 19 days ago - Stars: 37 - Forks: 3
anvilogic-forge/armory
Anvilogic Forge
Size: 2.49 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 103 - Forks: 6
AttackIQ/SigmAIQ
A pySigma wrapper and langchain toolkit for automatic rule creation/translation
Language: Python - Size: 1.33 MB - Last synced at: about 2 hours ago - Pushed at: about 2 hours ago - Stars: 80 - Forks: 12
BushidoUK/Ransomware-Tool-Matrix
A resource containing all the tools each ransomware gangs uses
Size: 707 KB - Last synced at: 8 days ago - Pushed at: 8 days ago - Stars: 1,014 - Forks: 113
mthcht/ThreatHunting-Keywords
Awesome list of keywords and artifacts for Threat Hunting sessions
Language: PowerShell - Size: 209 MB - Last synced at: 6 days ago - Pushed at: 18 days ago - Stars: 565 - Forks: 61
LogCraftIO/logcraft-cli
Detection-as-Code CI/CD pipeline for modern security operations (SIEM, EDR, XDR, ...)
Language: Rust - Size: 592 KB - Last synced at: 9 days ago - Pushed at: 9 days ago - Stars: 21 - Forks: 1
muchdogesec/siemrules
An API that takes a txt file containing threat intelligence and turns it into a detection rule.
Language: Python - Size: 194 KB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 0 - Forks: 1
mthcht/Purpleteam
Purpleteam scripts simulation & Detection - trigger events for SOC detections
Language: PowerShell - Size: 39.5 MB - Last synced at: 6 days ago - Pushed at: 5 months ago - Stars: 185 - Forks: 19
st0pp3r/awesome-detection-engineer
Online resources related to Detection Engineering. Detection rules, detection logic, attack samples, detection tests and emulation tools, logging configuration and best practices, event log references, resources, labs, data manipulation online tools, blogs, newsletters, good reads, books, trainings, podcasts, videos and twitter/x accounts.
Language: HTML - Size: 289 KB - Last synced at: about 4 hours ago - Pushed at: 12 days ago - Stars: 90 - Forks: 11
DataDog/stratus-red-team
:cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud
Language: Go - Size: 3.24 MB - Last synced at: 10 days ago - Pushed at: 10 days ago - Stars: 1,992 - Forks: 241
0xrawsec/gene
Signature engine for all your logs
Language: Go - Size: 5.64 MB - Last synced at: 4 days ago - Pushed at: over 1 year ago - Stars: 168 - Forks: 18
DataDog/grimoire
Generate datasets of cloud audit logs for common attacks
Language: Go - Size: 1.11 MB - Last synced at: about 14 hours ago - Pushed at: 9 months ago - Stars: 214 - Forks: 19
panther-labs/pypanther-starter-kit
A Python-native Detection as Code Framework
Language: Python - Size: 312 KB - Last synced at: 13 days ago - Pushed at: 13 days ago - Stars: 12 - Forks: 6
panther-labs/pypanther
A Pythonic Detection Rules Framework
Language: Python - Size: 2.94 MB - Last synced at: 17 days ago - Pushed at: 17 days ago - Stars: 7 - Forks: 1
Arizona-Cyber-Threat-Response-Alliance/rmm-detection
A repository for tools and resources for detecting and managing RMM in enterprise environments.
Size: 640 KB - Last synced at: 20 days ago - Pushed at: 20 days ago - Stars: 4 - Forks: 2
AlbinoGazelle/esxi-testing-toolkit
🧰 ESXi Testing Tookit is a command-line utility designed to help security teams test ESXi detections.
Language: Python - Size: 13 MB - Last synced at: 21 days ago - Pushed at: 21 days ago - Stars: 72 - Forks: 8
armandoariasinfosec/splunk-brute-force-detection-lab
Detect and alert brute-force RDP attacks using Splunk, Windows logs, and a simulated Kali Linux attacker. Home lab project.
Size: 7.81 KB - Last synced at: 27 days ago - Pushed at: 27 days ago - Stars: 0 - Forks: 0
matanolabs/matano
Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
Language: Rust - Size: 11 MB - Last synced at: 29 days ago - Pushed at: 4 months ago - Stars: 1,547 - Forks: 111
Cyb3r-Monk/Threat-Hunting-and-Detection
Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).
Language: Jupyter Notebook - Size: 407 KB - Last synced at: 27 days ago - Pushed at: about 2 months ago - Stars: 719 - Forks: 103
Samriddhi5/incident-response-playbooks
Incident response playbooks and templates for real-world security scenarios
Size: 0 Bytes - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 0 - Forks: 0
0xAnalyst/DefenderATPQueries
Hunting Queries for Defender ATP
Size: 349 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 81 - Forks: 8
mikeroyal/Digital-Forensics-Guide
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
Language: Python - Size: 367 KB - Last synced at: about 1 month ago - Pushed at: over 1 year ago - Stars: 1,831 - Forks: 219
mikeroyal/Open-Source-Security-Guide
Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.
Language: Go - Size: 655 KB - Last synced at: 29 days ago - Pushed at: over 1 year ago - Stars: 958 - Forks: 86
mthcht/ThreatHunting-Keywords-yara-rules
yara detection rules for hunting with the threathunting-keywords project
Language: YARA - Size: 86.4 MB - Last synced at: 6 days ago - Pushed at: 2 months ago - Stars: 116 - Forks: 16
infosecB/Rulehound
An index of publicly available and open-source threat detection rulesets.
Size: 286 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 1 - Forks: 0
runreveal/pql
Pipelined Query Language
Language: Go - Size: 215 KB - Last synced at: about 1 month ago - Pushed at: 4 months ago - Stars: 649 - Forks: 25
nasbench/SIGMA-Resources
Resources To Learn And Understand SIGMA Rules
Size: 13.7 KB - Last synced at: 6 days ago - Pushed at: about 2 years ago - Stars: 174 - Forks: 13
mannyfred/MentalTi
Mentally ill EtwTi parser
Language: C++ - Size: 223 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 35 - Forks: 2
infosecB/detection-as-code
An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
Language: Python - Size: 33.2 KB - Last synced at: 28 days ago - Pushed at: about 3 years ago - Stars: 55 - Forks: 14
sbousseaden/EVTX-ATTACK-SAMPLES
Windows Events Attack Samples
Language: HTML - Size: 6.05 MB - Last synced at: about 2 months ago - Pushed at: over 2 years ago - Stars: 2,322 - Forks: 413
lawndoc/AdvancedHuntingQueries
Microsoft 365 Advanced Hunting Queries with hotlinks that plug the query right into your tenant.
Size: 313 KB - Last synced at: about 1 month ago - Pushed at: 9 months ago - Stars: 121 - Forks: 18
DataDog/threatest
Threatest is a CLI and Go framework for end-to-end testing threat detection rules.
Language: Go - Size: 381 KB - Last synced at: about 1 month ago - Pushed at: over 1 year ago - Stars: 328 - Forks: 23
center-for-threat-informed-defense/m3tid
The Measure, Maximize, and Mature Threat-Informed Defense (M3TID) project defines what Threat-Informed Defense (TID) is and the key activities associated with its practice.
Language: Makefile - Size: 5.53 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 15 - Forks: 3
pop-ecx/sigma-ls
A minimal language server to help in writing sigma rules
Language: Python - Size: 31.2 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 1 - Forks: 0
adrianlois/DFIR-Detection-Engineering
Digital Forensics Incident Response and Detection engineering: Análisis forense de artefactos comunes y no tan comunes. Técnicas anti-forense y detección de técnicas utilizadas por actores maliciosos para la evasión de sistemas de protección y monitorización.
Size: 1.18 MB - Last synced at: about 1 month ago - Pushed at: 3 months ago - Stars: 76 - Forks: 12
certeu/moriohub
No need to re-invent the observability wheel. What you need is perhaps already on Moriohub!
Language: JavaScript - Size: 150 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 1 - Forks: 2
krdmnbrk/atomicgen.io
A simple tool designed to create Atomic Red Team tests with ease.
Language: JavaScript - Size: 722 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 37 - Forks: 4
3CORESec/SIEGMA
SIEGMA - Transform Sigma rules into SIEM consumables
Language: Python - Size: 1.01 MB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 149 - Forks: 23
SpoofIMEI/LiteCanary
Self hostable canary alerts
Language: Go - Size: 46.9 KB - Last synced at: about 2 months ago - Pushed at: 2 months ago - Stars: 0 - Forks: 0
xpinux/Project-SABER
Project-SABER: A repository of KQL queries and parsers for threat hunting, threat detection, and log parsing in Microsoft Sentinel & Microsoft XDR (formerly Microsoft 365 Defender)
Size: 58.6 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 0 - Forks: 0
mthcht/ThreatHunting-Keywords-sigma-rules
Sigma detection rules for hunting with the threathunting-keywords project
Language: Python - Size: 176 MB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 54 - Forks: 7
jacobstickney/ThreatActorProcedures-MITRE-ATTACK
A collection of specific commands used by threat actors, detailing their procedural implementations of tactics and techniques from the MITRE ATT&CK framework.
Size: 126 KB - Last synced at: 30 days ago - Pushed at: 3 months ago - Stars: 7 - Forks: 2
ndr-repo/Win-EventLog-IR-Filters
Windows Event Log filters for cybersecurity incident response, DFIR/forensic event log analysis, and IT risk management.
Size: 21.5 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 0 - Forks: 0
BenjiTrapp/aws-threat-hunting
Short deep dive into Threat Hunting on AWS
Language: Jupyter Notebook - Size: 234 MB - Last synced at: 2 days ago - Pushed at: over 1 year ago - Stars: 11 - Forks: 2
erickatwork/threat-detection-engineering-reference
Resource for all things threat detection
Size: 3.98 MB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 9 - Forks: 0
krdmnbrk/AttackRuleMap
Mapping of open-source detection rules and atomic tests.
Size: 1.65 MB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 72 - Forks: 7
bradleyjkemp/sigma-go
A Go implementation and parser for Sigma rules.
Language: Go - Size: 357 KB - Last synced at: about 1 month ago - Pushed at: 8 months ago - Stars: 86 - Forks: 18
qasimqlf/StepbyStep_CyberSecurity
A Step by Step Guide for Cyber Security Beginners to Jump into the right path
Size: 41.1 MB - Last synced at: 4 months ago - Pushed at: over 2 years ago - Stars: 8 - Forks: 11
madret/elastic
Elastic stack detection lab setup with Docker.
Size: 27.3 KB - Last synced at: 2 months ago - Pushed at: 5 months ago - Stars: 0 - Forks: 0
H3llKa1ser/SOC-Assistant-Guide
A Security Operations playbook to assist blue teamers from day-to-day tasks to Digital Forensics and Incident Response (DFIR) activities.
Size: 182 KB - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 9 - Forks: 2
BlakeHensleyy/rules-to-nav
Convert threat detection rules in various formats to a ATT&CK Navigator file.
Language: Python - Size: 315 KB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 0 - Forks: 0
mvelazc0/PurpleSharp
PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monitored Windows environments
Language: C# - Size: 859 KB - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 782 - Forks: 110
muchdogesec/awesome_detection_rules
A curated list of Awesome Detection Rules
Size: 5.86 KB - Last synced at: 2 days ago - Pushed at: 5 months ago - Stars: 0 - Forks: 1
nianticlabs/venator
A flexible threat detection platform that simplifies rule management and deployment using K8s CronJob and Helm, but can also run standalone or with other job schedulers like Nomad.
Language: Go - Size: 356 KB - Last synced at: 6 months ago - Pushed at: 7 months ago - Stars: 353 - Forks: 19
lukejjh/MicrosoftSentinel
An assortment of resources pertaining to Defender XDR and Microsoft Sentinel, such as KQL hunting queries and workbooks.
Size: 3.02 MB - Last synced at: 6 months ago - Pushed at: 6 months ago - Stars: 1 - Forks: 0
deadbits/trs
🔭 Threat report analysis via LLM and Vector DB
Language: Python - Size: 1.29 MB - Last synced at: 27 days ago - Pushed at: over 1 year ago - Stars: 9 - Forks: 1
Aegrah/PANIX
Customizable Linux Persistence Tool for Security Research and Detection Engineering.
Language: Shell - Size: 203 KB - Last synced at: 7 months ago - Pushed at: 8 months ago - Stars: 388 - Forks: 40
Khaled6120/Sentinel-Rules
Updated Sigma2KQL script written by @CodeByHarri + Generating Analytics & Hunting Rules ready for Sentinel Deployment
Language: Python - Size: 6.79 MB - Last synced at: 8 months ago - Pushed at: 8 months ago - Stars: 2 - Forks: 0
conway87/HEG-BeefEater
Language: PowerShell - Size: 406 KB - Last synced at: 9 months ago - Pushed at: 9 months ago - Stars: 0 - Forks: 0
conway87/HEG-3.0
Language: PowerShell - Size: 420 KB - Last synced at: 9 months ago - Pushed at: 9 months ago - Stars: 0 - Forks: 0
norandom/log2ml
Master Thesis: Development and Evaluation of Software for Forensic Log-Analysis Using Machine Learning and Genetic Programming
Language: Jupyter Notebook - Size: 3.39 MB - Last synced at: 9 months ago - Pushed at: 9 months ago - Stars: 0 - Forks: 0
west-wind/Threat-Hunting-With-Splunk
Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise
Size: 53.7 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 48 - Forks: 6
darkquasar/awesome-fingerprints
Awesome Fingerprints is a curated collection of cybersecurity resources, tools, and techniques for generating, analyzing, and comparing fingerprints (hashes) of digital system and network artifacts.
Size: 8.79 KB - Last synced at: 10 months ago - Pushed at: 10 months ago - Stars: 0 - Forks: 0
3CORESec/Automata
Automatic detection engineering technical state compliance
Language: Python - Size: 3.24 MB - Last synced at: 10 months ago - Pushed at: 10 months ago - Stars: 48 - Forks: 11
LogCraftIO/logcraft-cli-plugins
Plugins for LogCraft CLI
Language: Rust - Size: 120 KB - Last synced at: 11 months ago - Pushed at: 11 months ago - Stars: 2 - Forks: 0
cyberphor/deathlab
My Detection Engineering and Threat Hunting (DEATH) Lab.
Language: HCL - Size: 229 KB - Last synced at: 11 months ago - Pushed at: 11 months ago - Stars: 4 - Forks: 0
CodeByHarri/Sigma2KQL
Sigma Queries turned into KQL for Defender using pysigma
Size: 753 KB - Last synced at: 11 months ago - Pushed at: 11 months ago - Stars: 5 - Forks: 2
reversinglabs/reversinglabs-siem-rules
A collection of various SIEM rules relating to malware family groups.
Language: YARA - Size: 164 KB - Last synced at: 11 months ago - Pushed at: 11 months ago - Stars: 59 - Forks: 6
databricks-industry-solutions/cybersecurity-ml-tutorials
Machine learning notebooks using cybersecurity data
Language: Python - Size: 43 KB - Last synced at: 11 months ago - Pushed at: 12 months ago - Stars: 4 - Forks: 0
TracecatHQ/hunts
🐻❄️ 🏹 Threat hunting with Polars and flaws.cloud AWS CloudTrail datasets.
Language: Jupyter Notebook - Size: 69.3 KB - Last synced at: 12 months ago - Pushed at: 12 months ago - Stars: 1 - Forks: 0
chandraktrivedi/PurpleHawkS
All-In-One: Purple Teaming Exercises with Open-Source Tools
Size: 2.5 MB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 0
rgi-group/Cloud-DART
Cloud-DART is a comprehensive repository that provides Standard Operating Procedures (SOPs), Jupyter Notebooks, and code blocks for detection and response in cloud environments. This repository is designed to assist security professionals in automating and enhancing their cloud security posture.
Language: Python - Size: 1.15 MB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 2 - Forks: 0
whichbuffer/Threat-Detection-Rules
Threat Detection Repository - YARA / SIGMA rules
Language: YARA - Size: 104 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 3 - Forks: 0
Khadinxc/siem_detection_rules
Repo for my detection rules in system relative formatting
Language: Python - Size: 77.1 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 0 - Forks: 0
infosecB/generate_attacknav_layer
A Python CLI utility for quickly converting a list or text file of MITRE ATT&CK technique IDs to a MITRE ATT&CK Navigator layer .JSON file.
Language: Python - Size: 33 MB - Last synced at: about 2 months ago - Pushed at: over 3 years ago - Stars: 3 - Forks: 0
sbousseaden/Slides
Misc Threat Hunting Resources
Size: 13.6 MB - Last synced at: over 1 year ago - Pushed at: over 2 years ago - Stars: 359 - Forks: 61
mvelazc0/attack2jira
attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage
Language: Python - Size: 50.8 KB - Last synced at: over 1 year ago - Pushed at: about 2 years ago - Stars: 108 - Forks: 31
chan2git/elastic-detection-lab
This repository serves as a comprehensive recap and detailed write-up showcasing the successful completion and in-depth understanding of TCM Security's course: Detection Engineering for Beginners.
Size: 9.76 MB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0
fish-not-phish/cb-inspector
De-facto parent tenant for Carbon Black Enterprise EDR
Language: Python - Size: 72.3 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 1 - Forks: 0
M3NIX/sigmaio 📦
simple webapp for converting sigma rules into siem queries using the pySigma library
Language: HTML - Size: 53.7 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 43 - Forks: 3
sou-predictable/Crypto-Census
Crypto Census - A One-Stop-Shop for Crypto Domain Aggregation
Language: C - Size: 29.4 MB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0
crazyeights225/WinEventLogExplorer
Capture all events across all logs produced during the running of a particular exploit/script. Search and filter events
Language: PowerShell - Size: 1.26 MB - Last synced at: over 1 year ago - Pushed at: over 3 years ago - Stars: 5 - Forks: 0
circulatedev/circulate
The Open Source Threat Intelligence Knowledge Graph for identifying and correlating TTPs, IOCs, and insights relevant to your organization.
Language: HCL - Size: 2.1 MB - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 6 - Forks: 1
signus/sigma-cicd-template
A template repository for building a Detecting Engineering process around Sigma and CI/CD platforms to accelerate detection capabilities.
Language: Makefile - Size: 40 KB - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 0 - Forks: 0
Ben4FH/Adaz-Sentinel Fork of christophetd/Adaz
Microsoft Sentinel fork of Adaz :wrench: Deploy customizable Active Directory labs in Azure - automatically.
Language: HCL - Size: 4.16 MB - Last synced at: about 2 years ago - Pushed at: over 2 years ago - Stars: 2 - Forks: 0
ControlCompass/ControlCompass.github.io
Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques
Language: JavaScript - Size: 2.78 MB - Last synced at: about 2 years ago - Pushed at: over 2 years ago - Stars: 91 - Forks: 20
JakePeralta7/CyberSecurity
Research, Rules, Books, Tools and more basic stuff you can get anywhere
Language: Python - Size: 439 MB - Last synced at: about 2 years ago - Pushed at: over 2 years ago - Stars: 5 - Forks: 0
3CORESec/dtio-kb
Technical resources and knowledge base for dtection.io
Language: Shell - Size: 22.8 MB - Last synced at: about 2 years ago - Pushed at: almost 4 years ago - Stars: 2 - Forks: 0