A pySigma wrapper and langchain toolkit for automatic rule creation/translation
Updated May 17, 2024 - Python
The code powering RunReveal's documentation.
Anvilogic Forge
Splunk Security Content
Sigma detection rules for hunting with the threathunting-keywords project
yara detection rules for hunting with the threathunting-keywords project
Awesome list of keywords and artifacts for Threat Hunting sessions
Digital Forensics Incident Response and Detection engineering: forensic analysis of common and not-so-common artifacts. Anti-forensic techniques and detection of the techniques used by malicious actors to evade protection and monitoring systems.
☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud
Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise
Cloud-DART is a comprehensive repository that provides Standard Operating Procedures (SOPs), Jupyter Notebooks, and code blocks for detection and response in cloud environments. This repository is designed to assist security professionals in automating and enhancing their cloud security posture.
Purpleteam scripts simulation & Detection - trigger events for SOC detections
A collection of various SIEM rules relating to malware family groups.
Resource for all things threat detection
Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying malicious or unauthorized activity before it negatively impacts an individual or an organization.
The Measure, Maximize, and Mature Threat-Informed Defense (M3TID) project defines what Threat-Informed Defense (TID) is and the key activities associated with its practice.
The collection of YARA rules to perform malware threat hunting and detection.
Repo for my detection rules in system relative formatting