Repository navigation

#

threat-detection

0x4D31 / awesome-threat-detection 

✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️

Awesome Liststhreat-hunting安全detectionthreat-detectionincident-response
4296
1 年前
elastic/detection-rules
elastic / detection-rules 

threat-detectionthreat-hunting
Python
2389
25 分钟前
DataDog / stratus-red-team 

☁ ⚡ Granular, Actionable Adversary Emulation for the Cloud

Amazon Web Servicesadversary-emulationpurple-teammitre-attackcloud-securitycloud-native-securitydetection-engineeringthreat-detection安全aws-securityazure-securitykubernetes-securitygcp-security
Go
2124
19 天前
akto-api-security / akto 

Proactive, Open source API security → API discovery, API Security Posture, Testing in CI/CD, Test Library with 1000+ Tests, Add custom tests, Sensitive data exposure

api-securityapi-discoveryapi-security-testingapi-testingAuthenticationAuthorizationdevsecopsidorowasp-top-10安全security-testingsensitive-data-exposurethreat-detectionHacktoberfesthacktoberfest2023devsecops-pipeline
Java
1371
1 小时前
infosecB / awesome-detection-engineering 

Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying malicious or unauthorized activity before it negatively impacts an individual or an organization.

detection-engineeringsplunkmitreAwesome ListsCybersecuritythreat-detection
1036
2 个月前
kunai-project / kunai 

Threat-hunting tool for Linux

eBPFLinuxsecurity-monitoringthreat-huntingthreat-detection
Rust
965
2 天前
thalesgroup-cert / Watcher 

Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.

Cybersecuritythreat-huntingDjangoReactmispthehive安全incident-responsethreat-detectionthreat-intelligencenltkwatchercertificate-transparencyOSINTosint-pythonWeb app监控phishing
Python
941
9 天前
Cyb3r-Monk / Threat-Hunting-and-Detection 

Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).

threat-huntingthreat-detectionCybersecuritydefender-for-endpointdetection-engineeringdfirkql
Jupyter Notebook
747
5 个月前
cyb3rmik3 / KQL-threat-hunting-queries 

A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 Defender).

kqlMicrosoftsentinelmicrosoft-365安全threat-detectionthreat-hunting
720
15 天前
dev-lu / osint_toolkit 

Open source platform for cyber security analysts with many features for threat intelligence and detection engineering.

Cybersecuritythreat-detectionthreat-huntingthreat-intelligence
JavaScript
705
2 天前
turbot / tailpipe 

select * from logs; Tailpipe is an open source SIEM for instant log insights, powered by DuckDB. Analyze millions of events in seconds, right from your terminal.

duckdbtailpipeAmazon Web ServicesAzuredetectionsDevOpsforensicsGoogle 云incident-responseLoggingmitre-attackOpen Sourceparquetsiemthreat-detection
Go
474
2 小时前
nianticlabs / venator 

A flexible threat detection platform that simplifies rule management and deployment using K8s CronJob and Helm, but can also run standalone or with other job schedulers like Nomad.

threat-detectiondetection-engineeringGoKubernetes
Go
383
1 年前
olafhartong / ATTACKdatamap 

A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework

dfirmitre-attackthreat-huntingthreat-detectionsiem
PowerShell
352
5 年前
GoogleCloudPlatform / security-analytics 

Community Security Analytics provides a set of community-driven audit & threat queries for Google Cloud

安全Google 云BigQuerychronicleaudit-logslog-analyticsLoggingnetwork-analysisthreat-detection
Python
344
1 年前
DataDog / threatest 

Threatest is a CLI and Go framework for end-to-end testing threat detection rules.

detection-engineeringsecurity-automationthreat-detection
Go
331
4 个月前
utmstack / UTMStack 

Enterprise-ready SIEM, SOAR and Compliance powered by real-time correlation and threat intelligence.

compliancesiem安全incident-responseLogginglog-parsingmalware-detectionthreat-analysisthreat-detectionthreat-huntingthreat-intelligencesecurity-automationcmmchipaasoarsoc2soc
Java
318
11 小时前
jackaduma / SecBERT 

pretrained BERT model for cyber security text, learned CyberSecurity Knowledge

Cybersecurity安全自然语言处理bert深度学习attentiontransformerstransformer-encodercyber-securitysecurity-automationaptcyber-threat-intelligencethreat-intelligencethreat-huntingthreat-detectionthreat-analysis
Python
185
2 年前
rfackroyd / detection-engineering-starter-pack 

A starter pack of resources to help you get started in Detection Engineering.

detectiondetection-engineeringthreat-detectionthreat-hunting
167
1 个月前
spyboy-productions / WebSecProbe 

Bypass 403

bypass-403threat-detectionvulnerability-assessmentweb-application-security
Jupyter Notebook
164
6 个月前
ecstatic-nobel / Analyst-Arsenal 

A toolkit for Security Researchers

OSINTCybersecurityPythonthreat-intelligencethreat-huntingthreat-analysismalware-analysiscertificate-transparencyscannerthreat-detectionwebshell
Python
127
6 年前