Topic: "detection-rules"
checkmarble/marble
Marble - the real time decision engine for fraud and AML
Language: HCL - Size: 254 KB - Last synced at: about 20 hours ago - Pushed at: 1 day ago - Stars: 298 - Forks: 39

sublime-security/sublime-platform
A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and control, hunt for advanced threats, collaborate with the community, and write detections-as-code.
Language: Shell - Size: 225 KB - Last synced at: 5 days ago - Pushed at: 18 days ago - Stars: 214 - Forks: 25

mandiant/thiri-notebook 📦
The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat hunting rules.
Language: Python - Size: 28.3 KB - Last synced at: over 1 year ago - Pushed at: about 3 years ago - Stars: 147 - Forks: 15

polaris64/web_exploit_detector
The Web Exploit Detector is a Node.js application used to detect possible infections, malicious code and suspicious files in web hosting environments.
Language: JavaScript - Size: 87.9 KB - Last synced at: 7 days ago - Pushed at: almost 8 years ago - Stars: 89 - Forks: 36

0xAnalyst/DefenderATPQueries
Hunting Queries for Defender ATP
Size: 349 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 81 - Forks: 8

mthcht/ThreatHunting-Keywords-sigma-rules
Sigma detection rules for hunting with the threathunting-keywords project
Language: Python - Size: 176 MB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 54 - Forks: 7

cylaris/awesomekql
Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs
Size: 163 KB - Last synced at: about 1 month ago - Pushed at: almost 2 years ago - Stars: 53 - Forks: 5

Karneades/SigmaFilterCheck
Check Sigma rules for easy-to-bypass whitelists to make them more robust (https://github.com/Neo23x0/sigma)
Language: Python - Size: 24.4 KB - Last synced at: over 2 years ago - Pushed at: over 4 years ago - Stars: 13 - Forks: 1

austinsonger/elastic-detection-cli
Docker Container for Elastic Detection CLI
Language: Dockerfile - Size: 133 KB - Last synced at: 2 months ago - Pushed at: over 1 year ago - Stars: 8 - Forks: 1

muchdogesec/txt2detection
A command line tool that takes a txt file containing threat intelligence and turns it into a detection rule.
Language: Python - Size: 375 KB - Last synced at: 16 days ago - Pushed at: 16 days ago - Stars: 7 - Forks: 1

elastic/cortado
Language: Python - Size: 4.54 MB - Last synced at: 3 days ago - Pushed at: 3 months ago - Stars: 7 - Forks: 1

vastlimits/uberAgent-config
uberAgent configuration: UXM settings & ESA rules + checks
Language: PowerShell - Size: 174 MB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 3 - Forks: 2

muchdogesec/siemrules
An API that takes a txt file containing threat intelligence and turns it into a detection rule.
Language: Python - Size: 373 KB - Last synced at: 5 days ago - Pushed at: 12 days ago - Stars: 1 - Forks: 1

gapsc-us/labcomdig
Files for the lab of Digital Communications at the University of Seville.
Language: Jupyter Notebook - Size: 2.29 MB - Last synced at: over 1 year ago - Pushed at: over 4 years ago - Stars: 1 - Forks: 1

muchdogesec/awesome_detection_rules
A curated list of Awesome Detection Rules
Size: 5.86 KB - Last synced at: about 1 month ago - Pushed at: 6 months ago - Stars: 0 - Forks: 1

signus/sigma-cicd-template
A template repository for building a Detection Engineering process around Sigma and CI/CD platforms to accelerate detection capabilities.
Language: Makefile - Size: 40 KB - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 0 - Forks: 0

bessho/radarchallenge
#AndroidDevChallenge
Size: 137 KB - Last synced at: over 2 years ago - Pushed at: over 5 years ago - Stars: 0 - Forks: 0
