Ecosyste.ms: Repos
An open API service providing repository metadata for many open source software ecosystems.
GitHub topics: detection-rules
0xAnalyst/DefenderATPQueries
Hunting Queries for Defender ATP
Size: 172 KB - Last synced: 6 days ago - Pushed: 6 days ago - Stars: 47 - Forks: 5
sublime-security/sublime-platform
A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and control, hunt for advanced threats, collaborate with the community, and write detections-as-code.
Language: Shell - Size: 190 KB - Last synced: about 4 hours ago - Pushed: about 19 hours ago - Stars: 148 - Forks: 12
mthcht/ThreatHunting-Keywords-sigma-rules
Sigma detection rules for hunting with the threathunting-keywords project
Language: Python - Size: 116 MB - Last synced: 13 days ago - Pushed: 13 days ago - Stars: 40 - Forks: 4
checkmarble/marble
Marble - the real-time decision engine for fraud and AML
Language: HCL - Size: 62.5 KB - Last synced: 23 days ago - Pushed: 23 days ago - Stars: 125 - Forks: 7
austinsonger/elastic-detection-cli
Docker Container for Elastic Detection CLI
Language: Dockerfile - Size: 133 KB - Last synced: 28 days ago - Pushed: 5 months ago - Stars: 8 - Forks: 1
cylaris/awesomekql
Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs
Size: 163 KB - Last synced: 10 days ago - Pushed: 10 months ago - Stars: 44 - Forks: 5
vastlimits/uberAgent-config
uberAgent configuration: UXM settings & ESA rules + checks
Language: PowerShell - Size: 70.3 MB - Last synced: about 2 months ago - Pushed: about 2 months ago - Stars: 2 - Forks: 1
polaris64/web_exploit_detector
The Web Exploit Detector is a Node.js application used to detect possible infections, malicious code and suspicious files in web hosting environments
Language: JavaScript - Size: 87.9 KB - Last synced: 20 days ago - Pushed: almost 7 years ago - Stars: 89 - Forks: 36
gapsc-us/labcomdig
Files for the lab of Digital Communications at the University of Seville.
Language: Jupyter Notebook - Size: 2.29 MB - Last synced: 6 months ago - Pushed: about 3 years ago - Stars: 1 - Forks: 1
mandiant/thiri-notebook 📦
The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat hunting rules.
Language: Python - Size: 28.3 KB - Last synced: 7 months ago - Pushed: about 2 years ago - Stars: 147 - Forks: 15
signus/sigma-cicd-template
A template repository for building a Detection Engineering process around Sigma and CI/CD platforms to accelerate detection capabilities.
Language: Makefile - Size: 40 KB - Last synced: about 1 year ago - Pushed: about 1 year ago - Stars: 0 - Forks: 0
Karneades/SigmaFilterCheck
Check Sigma rules for easy-to-bypass whitelists to make them more robust (https://github.com/Neo23x0/sigma)
Language: Python - Size: 24.4 KB - Last synced: about 1 year ago - Pushed: over 3 years ago - Stars: 13 - Forks: 1
bessho/radarchallenge
#AndroidDevChallenge
Size: 137 KB - Last synced: about 1 year ago - Pushed: over 4 years ago - Stars: 0 - Forks: 0