threat-detection
There are 98 repositories under the threat-detection topic.
0x4D31/awesome-threat-detection
✨ A curated list of awesome threat detection and hunting resources 🕵️♂️
DataDog/stratus-red-team
Granular, Actionable Adversary Emulation for the Cloud
akto-api-security/akto
Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure
infosecB/awesome-detection-engineering
Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying malicious or unauthorized activity before it negatively impacts an individual or an organization.
thalesgroup-cert/Watcher
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
Cyb3r-Monk/Threat-Hunting-and-Detection
Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL (Kusto Query Language).
cyb3rmik3/KQL-threat-hunting-queries
A repository of KQL queries focused on threat hunting and threat detection for Microsoft Sentinel & Microsoft XDR (formerly Microsoft 365 Defender).
kunai-project/kunai
Threat-hunting tool for Linux
nianticlabs/venator
A flexible threat detection platform that simplifies rule management and deployment using K8s CronJob and Helm, but can also run standalone or with other job schedulers like Nomad.
olafhartong/ATTACKdatamap
A data source assessment on an event level to show potential coverage of the MITRE ATT&CK framework
GoogleCloudPlatform/security-analytics
Community Security Analytics provides a set of community-driven audit & threat queries for Google Cloud
DataDog/threatest
Threatest is a CLI and Go framework for end-to-end testing threat detection rules.
jackaduma/SecBERT
A pretrained BERT model for cybersecurity text that has learned cybersecurity knowledge
MFMokbel/Crawlector
Crawlector is a threat hunting framework designed for scanning websites for malicious objects.
ecstatic-nobel/Analyst-Arsenal
A toolkit for Security Researchers
spyboy-productions/WebSecProbe
Bypass 403
ine-labs/ThreatSeeker
ThreatSeeker: Threat Hunting via Windows Event Logs
jonrau1/SyntheticSun
SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and serverless technologies to continuously prevent, detect and respond to threats.
swisscom/detections
Threat intelligence and threat detection indicators (IOC, IOA)
infosecB/detection-as-code
An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
Loginsoft-LLC/threat-detection-rules
Threat Detection & Anomaly Detection rules for popular open-source components
mthcht/ThreatHunting-Keywords-sigma-rules
Sigma detection rules for hunting with the threathunting-keywords project
Truvis/Suricata_Threat-Hunting-Rules
Collection of Suricata rule sets that I use, modified for my environments.
paulveillard/cybersecurity-threat-detection
An ongoing & curated collection of awesome software best practices and remediation techniques, libraries and frameworks, E-books and videos, Technical guidelines and important resources about Threat Detection & Hunting.
0xN3utr0n/Kanis
Advanced threat detection solution for Linux.
thremulation-station/thremulation-station
Small-scale threat emulation and detection range built on Elastic and Atomic Red Team.
shoumikgoswami/Detect-X-app
Detect-X Automated Threat Detection by AI
Loginsoft-LLC/Linux-Exploit-Detection
Linux-based vulnerability (CVE) exploit detection through runtime security using Falco/Osquery/Yara/Sigma
domgolonka/foretoken
A blazing fast, highly customizable, modern-day defence tool using (in memory) SQL & REST/gRPC protocols.
patternex/awesome-ml-for-threat-detection
A curated list of resources to deep dive into the intersection of applied machine learning and threat detection.
MaheshShukla1/SOC-Analyst-Notes
Enhance your cybersecurity skills with comprehensive notes for SOC Analysts. Dive into security operations, incident response, threat hunting, and practical examples to bolster your expertise. Access valuable resources to level up your cybersecurity game on my GitHub repository.
ls1911/GenAIPot
GenAIPot is the first AI honeypot; it emulates services using Generative AI in order to be stealthier.
SCS-Labs/TheWatchList
Threat Feeds, Threat lists, and regular lists of known IP ranges and domains. It updates every 4 hours.
ecstatic-nobel/Not-Anti-Virus
An attempt to block malware before AV scans it.