mbabinski

atomic-red-team

Small and highly portable detection tests based on MITRE's ATT&CK.

sigma

Main Sigma Rule Repository

Azure-Sentinel

Cloud-native SIEM for intelligent security analytics for your entire enterprise.

sqlparse

A non-validating SQL parser module for Python

awesome-threat-detection

✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️

awesome-detection-engineering

Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying malicious or unauthorized activity before it negatively impacts an individual or an organization.

DFIRArtifactMuseum

The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifact validation processes as well as increase access to artifacts that may no longer be readily available anymore.

Malware-IOCs

C2-Tracker

Live Feed of C2 servers, tools, and botnets

pySigma

Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)

Sigma-Rules

Rules generated from our investigations.

wtfbins

WTF are these binaries doing?! A list of benign applications that mimic malicious behavior.

sigma-cli

The Sigma command line interface based on pySigma

libLOL

detection-validation

Detection rule validation

pySigma-backend-microsoft365defender

pySigma-backend-insightidr

pySigma-backend-microsoft365defender