detection-rules

There are 1 repository under detection-rules topic.

marble
checkmarble / marble
Marble - the real time decision engine for fraud and AML
aml case-management compliance-automation compliance-platform decision-api decision-making detection-rules financial-services fraud-detection money-laundering nocode realtime risk rule-based rule-engine
Language:HCL 160
sublime-security / sublime-platform
A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and control, hunt for advanced threats, collaborate with the community, and write detections-as-code.
phishing phishing-detection detection-rules email-security security security-tools
Language:Shell 160
mandiant / thiri-notebook
The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat hunting rules.
detection-rules snort threat-hunting yara
Language:Python 154
polaris64 / web_exploit_detector
The Web Exploit Detector is a Node.js application used to detect possible infections, malicious code and suspicious files in web hosting environments
cms detection-rules exploits infection nodejs php scanner security-audit suspicious-files web wordpress wso-webshell
Language:JavaScript 88
0xAnalyst / DefenderATPQueries
Hunting Queries for Defender ATP
defender-atp detection-engineering detection-rules kql microsoft sentinel threat-hunting
70
cylaris / awesomekql
Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs
azure detection detection-rules kql siem
50
ThreatHunting-Keywords-sigma-rules
mthcht / ThreatHunting-Keywords-sigma-rules
Sigma detection rules for hunting with the threathunting-keywords project
blueteam detection-engineering detection-rules siem sigma-rules threat-detection threat-hunting threathunting dfir forensicartifacts mitre-attack
Language:Python 47
Karneades / SigmaFilterCheck
Check Sigma rules for easy-to-bypass whitelists to make them more robust (https://github.com/SigmaHQ/sigma)
detection-rules sigma detection
Language:Python 15
elastic-detection-cli
austinsonger / elastic-detection-cli
Docker Container for Elastic Detection CLI
docker docker-compose docker-image docker-hub docker-container elastic elasticsearch detection detection-rules
Language:Dockerfile 8
uberAgent-config
vastlimits / uberAgent-config
uberAgent configuration: UXM settings & ESA rules + checks
detection-rules endpoint-monitoring endpoint-security
Language:PowerShell 2
gapsc-us / labcomdig
Files for the lab of Digital Communications at the University of Seville.
python statistics communications qam-modulation qam-demodulation detection-rules
Language:Jupyter Notebook 1

detection-rules

checkmarble / marble

sublime-security / sublime-platform

mandiant / thiri-notebook

polaris64 / web_exploit_detector

0xAnalyst / DefenderATPQueries

cylaris / awesomekql

mthcht / ThreatHunting-Keywords-sigma-rules

Karneades / SigmaFilterCheck

austinsonger / elastic-detection-cli

vastlimits / uberAgent-config

gapsc-us / labcomdig