A pySigma wrapper and langchain toolkit for automatic rule creation/translation
-
Updated
May 17, 2024 - Python
#
detection-engineering
Here are 57 public repositories matching this topic...
The code powering RunReveal's documentation.
-
Updated
May 17, 2024 - MDX
Anvilogic Forge
-
Updated
May 17, 2024
Splunk Security Content
-
Updated
May 16, 2024 - Python
Sigma detection rules for hunting with the threathunting-keywords project
dfir
threat-hunting
siem
blueteam
detection-rules
mitre-attack
threat-detection
threathunting
detection-engineering
sigma-rules
forensicartifacts
-
Updated
May 16, 2024 - Python
yara detection rules for hunting with the threathunting-keywords project
incident-response
dfir
awesome-list
threat-hunting
hunting
offensive-security
yara-rules
blueteam
threat-intelligence
yara-forensics
hacktools
yara-signatures
yara-scanner
detection-engineering
forensics-tools
-
Updated
May 16, 2024 - YARA
Awesome list of keywords and artifacts for Threat Hunting sessions
splunk
incident-response
dfir
awesome-list
threat-hunting
siem
iocs
offensive-security
soc
elk-stack
blueteam
threat-intelligence
redteam
forensic
hacktools
endpoint-security
threathunting
offensive-scripts
detection-engineering
sigma-rules
-
Updated
May 16, 2024 - HTML
windows
powershell
dfir
cybersecurity
cmd
threat-hunting
mitre-attack
lolbins
detection-engineering
networksecurity
-
Updated
May 14, 2024
Digital Forensics Incident Response and Detection engineering: Análisis forense de artefactos comunes y no tan comunes. Técnicas anti-forense y detección de técnicas utilizadas por actores maliciosos para la evasión de sistemas de protección y monitorización.
windows
linux
security
incident-response
tips
tricks
malware
forensics
dfir
cybersecurity
macosx
digital-forensics
artefacts
forense
detection-engineering
deteccion
artefactos
evidencias
anti-forense
-
Updated
May 7, 2024
☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud
aws
security
aws-security
cloud-security
azure-security
mitre-attack
adversary-emulation
threat-detection
purple-team
gcp-security
kubernetes-security
detection-engineering
cloud-native-security
-
Updated
May 1, 2024 - Go
Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise
splunk
detection
vulnerability
mitre-attack
line-runner
detection-engineering
bpfdoor
bpfdoor-detection
text4shell
rtm-locker
esxi-ransomware
esxi-malware
arcanedoor
line-dancer
cve-2024-20359
cve-2024-20353
-
Updated
Apr 29, 2024
Cloud-DART is a comprehensive repository that provides Standard Operating Procedures (SOPs), Jupyter Notebooks, and code blocks for detection and response in cloud environments. This repository is designed to assist security professionals in automating and enhancing their cloud security posture.
-
Updated
Apr 24, 2024 - Python
Purpleteam scripts simulation & Detection - trigger events for SOC detections
windows
linux
security
ioc
awesome
simulation
detection
tactics
awesome-list
threat-hunting
siem
soc
techniques
blueteam
redteam
mitre-attack
purpleteam
threathunting
offensive-scripts
detection-engineering
-
Updated
Apr 24, 2024 - PowerShell
A collection of various SIEM rules relating to malware family groups.
-
Updated
Apr 24, 2024 - YARA
Resource for all things threat detection
security
reference
detection
incident-response
threat-modeling
threat-intelligence
mitre-attack
detection-engineering
risk-based
detection-as-code
risk-based-alerting
distributed-alerting
-
Updated
Apr 16, 2024
Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying malicious or unauthorized activity before it negatively impacts an individual or an organization.
-
Updated
Apr 15, 2024
The Measure, Maximize, and Mature Threat-Informed Defense (M3TID) project defines what Threat-Informed Defense (TID) is and the key activities associated with its practice.
cybersecurity
ctid
mitre-attack
adversary-emulation
cyber-threat-intelligence
detection-engineering
threat-informed-defense
-
Updated
Apr 11, 2024 - Makefile
The collection of YARA rules to perform malware threat hunting and detection.
threat-hunting
yara
yara-rules
malware-detection
detection-engineering
threat-hunting-via-yara-rules
-
Updated
Apr 10, 2024 - YARA
Repo for my detection rules in system relative formatting
-
Updated
Mar 28, 2024 - Python
Improve this page
Add a description, image, and links to the detection-engineering topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the detection-engineering topic, visit your repo's landing page and select "manage topics."