Benjamin Tan's starred repositories
DetectionLab
Automate the creation of a lab environment complete with security tooling and logging best practices
securityonion
Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, and case management. It also includes other tools such as Playbook, osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.
signature-base
YARA signature and IOC database for my scanners and tools
security_content
Splunk Security Content
Agently
[AI Agent Application Development Framework] - 🚀 Build AI-agent-native applications in very little code 💬 Interact with the AI agent from code using structured data and a chained-call syntax 🧩 Extend an AI agent with plugins instead of rebuilding a whole new agent
awesome-detection-engineering
Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying malicious or unauthorized activity before it negatively impacts an individual or an organization.
Kusto-Query-Language
Kusto Query Language is a simple and productive language for querying Big Data.
awesome-llm-cybersecurity-tools
A curated list of large language model tools for cybersecurity research.
insider-threat-ttp-kb
The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders in the IT environment. It will establish an Insider Threat TTP Knowledge Base, built upon data collected on insider threat incidents and lessons learned and experience from the ATT&CK knowledge base.
YARA_Detection_Engineering
Detection Engineering with YARA
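As an added illustration of the YARA-based detection engineering that signature-base and YARA_Detection_Engineering are about, and not code from either repository, the following Python script implements a toy matcher for a small subset of YARA rule syntax (text strings with an optional nocase modifier, hex strings with ?? byte wildcards, and any of them / all of them / N of them conditions) and runs it over two constructed byte buffers. The rule, the buffers and the function names are assumptions made for this example; real scanning should use libyara or yara-python, which this script does not replace.

```python
"""Toy YARA-style matcher (added illustration, not code from any starred repository).

Supported subset of YARA syntax:
  strings:   $id = "text" [nocase]       $id = { 4D 5A ?? 00 }   ('??' matches any byte)
  condition: any of them | all of them | <N> of them
"""
import re
from dataclasses import dataclass, field


@dataclass
class Rule:
    name: str
    strings: dict = field(default_factory=dict)  # identifier -> compiled bytes regex
    condition: str = "any of them"


def hex_to_regex(body: str) -> re.Pattern:
    """Turn a YARA hex string body such as '4D 5A ?? 00' into a bytes regex."""
    parts = []
    for tok in body.split():
        if tok == "??":
            parts.append(b".")  # wildcard: any single byte (DOTALL below makes '.' match \n too)
        else:
            parts.append(re.escape(bytes([int(tok, 16)])))
    return re.compile(b"".join(parts), re.DOTALL)


# One string definition: $id = "text" [nocase]   or   $id = { hex bytes }
_STRING_RE = re.compile(r'(\$\w+)\s*=\s*(?:"([^"]*)"(\s+nocase)?|\{([^}]*)\})')


def parse_rule(source: str) -> Rule:
    """Parse the supported subset of a YARA rule from its source text."""
    name = re.search(r"\brule\s+(\w+)", source).group(1)
    rule = Rule(name=name)
    for ident, text, nocase, hexbody in _STRING_RE.findall(source):
        if hexbody:
            rule.strings[ident] = hex_to_regex(hexbody)
        else:
            flags = re.IGNORECASE if nocase else 0  # nocase: ASCII case-insensitive match
            rule.strings[ident] = re.compile(re.escape(text.encode("latin-1")), flags)
    cond = re.search(r"condition:\s*(.+?)\s*}\s*$", source, re.DOTALL)
    rule.condition = cond.group(1).strip()
    return rule


def scan(rule: Rule, data: bytes) -> dict:
    """Evaluate one rule against a byte buffer; returns the verdict and per-string match offsets."""
    offsets = {ident: [m.start() for m in pat.finditer(data)] for ident, pat in rule.strings.items()}
    hits = {ident: offs for ident, offs in offsets.items() if offs}
    m = re.fullmatch(r"(any|all|\d+)\s+of\s+them", rule.condition)
    if not m:
        raise ValueError(f"unsupported condition: {rule.condition!r}")
    quant = m.group(1)
    needed = 1 if quant == "any" else (len(rule.strings) if quant == "all" else int(quant))
    return {"rule": rule.name, "matched": len(hits) >= needed, "strings": hits}


# Hypothetical rule written for this example (not from signature-base).
RULE_SOURCE = r'''
rule Suspicious_Dropper
{
    meta:
        description = "PE-like blob carrying command-line launcher strings (constructed example)"
    strings:
        $mz  = { 4D 5A ?? 00 }
        $dos = "This program cannot be run in DOS mode"
        $cmd = "cmd.exe /c" nocase
        $ps  = "powershell -enc" nocase
    condition:
        2 of them
}
'''

# Constructed sample buffers: a fake PE-like blob with launcher strings, and a benign text file.
SAMPLE_MALICIOUS = (b"MZ\x90\x00\x03\x00\x00\x00" + b"\x00" * 56
                    + b"This program cannot be run in DOS mode.\r\n"
                    + b"CMD.EXE /C whoami > out.txt")
SAMPLE_BENIGN = b"Quarterly report: nothing unusual here. cmd output pending."


if __name__ == "__main__":
    rule = parse_rule(RULE_SOURCE)
    for label, blob in (("malicious", SAMPLE_MALICIOUS), ("benign", SAMPLE_BENIGN)):
        print(label, scan(rule, blob))
```

The point worth noticing for detection engineering is the condition: "2 of them" lets the rule fire on the MZ header plus either launcher string, so a sample that drops the DOS stub text still matches, while a plain document containing the word "cmd" does not. Tightening or loosening that threshold, not adding more strings, is usually what moves a rule between noisy and blind.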
DFIR-Detection-Engineering
Digital Forensics, Incident Response and Detection Engineering: forensic analysis of common and not-so-common artifacts. Anti-forensic techniques, and detection of the techniques malicious actors use to evade protection and monitoring systems.
transpiler
SIEM-to-Spark Transpiler
wazuh-indexer
Wazuh indexer, the Wazuh search engine