Detection Notebooks
Detection Notebooks are a collection of data science-infused Jupyter Notebooks that enable analysts to undertake data driven approaches to detection and threat hunting. Each notebook explains a common adversarial technique, potential detection method(s), an implementation and detection results.
Notebook Scope
- DNS
Data Sources
Obtaining realistic logs for analysis is a notoriously difficult task within the field of Cybersecurity. As such, this project utilises a combination of real data (found online or generated in a homelab) or simulated data.
Where possible, attribution has been provided to the respective authors.