There are 6 repositories under the threat-detection topic.
✨ A curated list of awesome threat detection and hunting resources 🕵️♂️
:cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud
Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL (Kusto Query Language).
Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying malicious or unauthorized activity before it negatively impacts an individual or an organization.
A collection of the latest AWS Security workshops
A repository of KQL queries focused on threat hunting and threat detection for Microsoft Sentinel & Microsoft XDR (formerly Microsoft 365 Defender).
A datasource assessment on an event level to show potential coverage of the MITRE ATT&CK framework
Threat-hunting tool for Linux
A toolkit for Security Researchers
Crawlector is a threat hunting framework designed for scanning websites for malicious objects.
Bypass 403
ThreatSeeker: Threat Hunting via Windows Event Logs
SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and serverless technologies to continuously prevent, detect and respond to threats.
Threat intelligence and threat detection indicators (IOC, IOA)
Threat Detection & Anomaly Detection rules for popular open-source components
An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
Sigma detection rules for hunting with the threathunting-keywords project
Collection of Suricata rule sets that I use, modified for my environments.
Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.
Detect-X Automated Threat Detection by AI
An ongoing & curated collection of awesome software best practices and remediation techniques, libraries and frameworks, e-books and videos, technical guidelines and important resources about Threat Detection & Hunting.
A blazing fast, highly customizable, modern-day defence tool using (in memory) SQL & REST/gRPC protocols.
A curated list of resources to deep dive into the intersection of applied machine learning and threat detection.
Threat Feeds, Threat lists, and regular lists of known IP ranges and domains. It updates every 4 hours.
An attempt to block malware before AV scans it.
Project to Support The Hunter's Framework (THF)
Threat Detection System using a Hybrid (Machine Learning + Lexical Analysis) Learning Approach.
Technical cyber security resources across the NIST cyber security framework lifecycle
An SSH honeypot written entirely in Go.