Ecosyste.ms: Repos

An open API service providing repository metadata for many open source software ecosystems.

GitHub topics: detection-rules

Repositories

0xAnalyst/DefenderATPQueries

Hunting Queries for Defender ATP

Size: 172 KB - Last synced: 6 days ago - Pushed: 6 days ago - Stars: 47 - Forks: 5

sublime-security/sublime-platform

A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and control, hunt for advanced threats, collaborate with the community, and write detections-as-code.

Language: Shell - Size: 190 KB - Last synced: about 4 hours ago - Pushed: about 19 hours ago - Stars: 148 - Forks: 12

mthcht/ThreatHunting-Keywords-sigma-rules

Sigma detection rules for hunting with the threathunting-keywords project

Language: Python - Size: 116 MB - Last synced: 13 days ago - Pushed: 13 days ago - Stars: 40 - Forks: 4

checkmarble/marble

Marble - the real time decision engine for fraud and AML

Language: HCL - Size: 62.5 KB - Last synced: 23 days ago - Pushed: 23 days ago - Stars: 125 - Forks: 7

austinsonger/elastic-detection-cli

Docker Container for Elastic Detection CLI

Language: Dockerfile - Size: 133 KB - Last synced: 28 days ago - Pushed: 5 months ago - Stars: 8 - Forks: 1

cylaris/awesomekql

Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs

Size: 163 KB - Last synced: 10 days ago - Pushed: 10 months ago - Stars: 44 - Forks: 5

vastlimits/uberAgent-config

uberAgent configuration: UXM settings & ESA rules + checks

Language: PowerShell - Size: 70.3 MB - Last synced: about 2 months ago - Pushed: about 2 months ago - Stars: 2 - Forks: 1

polaris64/web_exploit_detector

The Web Exploit Detector is a Node.js application used to detect possible infections, malicious code and suspicious files in web hosting environments

Language: JavaScript - Size: 87.9 KB - Last synced: 20 days ago - Pushed: almost 7 years ago - Stars: 89 - Forks: 36

gapsc-us/labcomdig

Files for the lab of Digital Communications at the University of Seville.

Language: Jupyter Notebook - Size: 2.29 MB - Last synced: 6 months ago - Pushed: about 3 years ago - Stars: 1 - Forks: 1

mandiant/thiri-notebook 📦

The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat hunting rules.

Language: Python - Size: 28.3 KB - Last synced: 7 months ago - Pushed: about 2 years ago - Stars: 147 - Forks: 15

Related Keywords

detection-rules 13 detection 4 detection-engineering 3 kql 2 sigma 2 threat-hunting 2 siem 2 wordpress 1 web 1 suspicious-files 1 security-audit 1 scanner 1 php 1 nodejs 1 infection 1 exploits 1 cms 1 endpoint-security 1 endpoint-monitoring 1 azure 1 elasticsearch 1 elastic 1 wso-webshell 1 communications 1 python 1 qam-demodulation 1 qam-modulation 1 statistics 1 snort 1 yara 1 ci-cd 1 detection-library 1 detections 1 pipeline 1 detection-algorithm 1 detection-model 1 motion 1 radar 1 defender-atp 1 email-security 1 phishing 1 phishing-detection 1 security 1 security-tools 1 blueteam 1 dfir 1 forensicartifacts 1 mitre-attack 1 sigma-rules 1 threat-detection 1 threathunting 1 aml 1 case-management 1 compliance-automation 1 compliance-platform 1 decision-api 1 decision-making 1 financial-services 1 fraud-detection 1 money-laundering 1 nocode 1 realtime 1 risk 1 rule-based 1 rule-engine 1 docker 1 docker-compose 1 docker-container 1 docker-hub 1 docker-image 1