Repository navigation

#

threat-detection

0x4D31 / awesome-threat-detection 

✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️

Awesome Liststhreat-hunting安全detectionthreat-detectionincident-response
4340
1 年前
elastic/detection-rules
elastic / detection-rules 

threat-detectionthreat-hunting
Python
2418
1 天前
DataDog / stratus-red-team 

☁ ⚡ Granular, Actionable Adversary Emulation for the Cloud

Amazon Web Servicesadversary-emulationpurple-teammitre-attackcloud-securitycloud-native-securitydetection-engineeringthreat-detection安全aws-securityazure-securitykubernetes-securitygcp-security
Go
2161
3 天前
akto-api-security / akto 

Proactive, Open source API security → API discovery, API Security Posture, Testing in CI/CD, Test Library with 1000+ Tests, Add custom tests, Sensitive data exposure

api-securityapi-discoveryapi-security-testingapi-testingAuthenticationAuthorizationdevsecopsidorowasp-top-10安全security-testingsensitive-data-exposurethreat-detectionHacktoberfesthacktoberfest2023devsecops-pipeline
Java
1386
2 天前
infosecB / awesome-detection-engineering 

Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying malicious or unauthorized activity before it negatively impacts an individual or an organization.

detection-engineeringsplunkmitreAwesome ListsCybersecuritythreat-detection
1064
3 个月前
thalesgroup-cert/Watcher
thalesgroup-cert / Watcher 

Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.

Cybersecuritythreat-huntingDjangoReactmispthehive安全incident-responsethreat-detectionthreat-intelligencenltkwatchercertificate-transparencyOSINTosint-pythonWeb app监控phishing
Python
1001
2 天前
kunai-project / kunai 

Threat-hunting tool for Linux

eBPFLinuxsecurity-monitoringthreat-huntingthreat-detection
Rust
982
2 个月前
Cyb3r-Monk / Threat-Hunting-and-Detection 

Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).

threat-huntingthreat-detectionCybersecuritydefender-for-endpointdetection-engineeringdfirkql
Jupyter Notebook
767
20 小时前
cyb3rmik3 / KQL-threat-hunting-queries 

A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 Defender).

kqlMicrosoftsentinelmicrosoft-365安全threat-detectionthreat-hunting
733
1 个月前
dev-lu / osint_toolkit 

Open source platform for cyber security analysts with many features for threat intelligence and detection engineering.

Cybersecuritythreat-detectionthreat-huntingthreat-intelligence
JavaScript
722
2 个月前
turbot / tailpipe 

select * from logs; Tailpipe is an open source SIEM for instant log insights, powered by DuckDB. Analyze millions of events in seconds, right from your terminal.

duckdbtailpipeAmazon Web ServicesAzuredetectionsDevOpsforensicsGoogle 云incident-responseLoggingmitre-attackOpen Sourceparquetsiemthreat-detection
Go
501
10 小时前
nianticlabs / venator 

A flexible threat detection platform that simplifies rule management and deployment using K8s CronJob and Helm, but can also run standalone or with other job schedulers like Nomad.

threat-detectiondetection-engineeringGoKubernetes
Go
382
1 年前
olafhartong / ATTACKdatamap 

A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework

dfirmitre-attackthreat-huntingthreat-detectionsiem
PowerShell
351
5 年前
GoogleCloudPlatform / security-analytics 

Community Security Analytics provides a set of community-driven audit & threat queries for Google Cloud

安全Google 云BigQuerychronicleaudit-logslog-analyticsLoggingnetwork-analysisthreat-detection
Python
345
1 年前
DataDog / threatest 

Threatest is a CLI and Go framework for end-to-end testing threat detection rules.

detection-engineeringsecurity-automationthreat-detection
Go
334
5 个月前
utmstack / UTMStack 

Enterprise-ready SIEM, SOAR and Compliance powered by real-time correlation and threat intelligence.

compliancesiem安全incident-responseLogginglog-parsingmalware-detectionthreat-analysisthreat-detectionthreat-huntingthreat-intelligencesecurity-automationcmmchipaasoarsoc2soc
Java
327
7 小时前
jackaduma / SecBERT 

pretrained BERT model for cyber security text, learned CyberSecurity Knowledge

Cybersecurity安全自然语言处理bert深度学习attentiontransformerstransformer-encodercyber-securitysecurity-automationaptcyber-threat-intelligencethreat-intelligencethreat-huntingthreat-detectionthreat-analysis
Python
192
2 年前
rfackroyd / detection-engineering-starter-pack 

A starter pack of resources to help you get started in Detection Engineering.

detectiondetection-engineeringthreat-detectionthreat-hunting
172
1 个月前
spyboy-productions / WebSecProbe 

Bypass 403

bypass-403threat-detectionvulnerability-assessmentweb-application-security
Jupyter Notebook
164
8 个月前
HaoY-l / threat-intel-hub 

🔥 一个集成多源威胁情报的聚合平台,为安全研究人员和运维团队提供实时威胁情报查询和播报服务;集成阿里云WAF主动拦截威胁IP,钓鱼邮件实时监测,集成AI等多项常用安全类工具🔧

安全threat-analysisthreat-detectionthreat-intelligence
Vue
156
7 天前