β¨ A curated list of awesome threat detection and hunting resources π΅οΈββοΈ
β4,664Jan 5, 2026Updated 6 months ago
Alternatives and similar repositories for awesome-threat-detection
Users that are interested in awesome-threat-detection are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more eβ¦β4,604Jan 12, 2026Updated 5 months ago
- A curated list of Awesome Threat Intelligence resourcesβ10,417May 31, 2026Updated last month
- A curated list of tools for incident responseβ9,230May 6, 2026Updated 2 months ago
- Detect Tactics, Techniques & Combat Threatsβ2,303Jun 2, 2026Updated last month
- A curated list of awesome YARA rules, tools, and people.β4,238Jun 15, 2026Updated 3 weeks ago
- GPU virtual machines on DigitalOcean Gradient AI β’ AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Main Sigma Rule Repositoryβ10,707Updated this week
- An informational repo about hunting for adversaries in your IT environment.β1,878Nov 17, 2021Updated 4 years ago
- A collection of resources for Threat Huntersβ915Oct 15, 2024Updated last year
- Windows Events Attack Samplesβ2,590Jan 24, 2023Updated 3 years ago
- Automate the creation of a lab environment complete with security tooling and logging best practicesβ4,992Jul 6, 2024Updated 2 years ago
- Re-play Security Eventsβ1,782Mar 20, 2024Updated 2 years ago
- Small and highly portable detection tests based on MITRE's ATT&CK.β12,167Updated this week
- Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation oβ¦β1,273Jun 18, 2026Updated 3 weeks ago
- A repository of sysmon configuration modulesβ3,074Jun 25, 2026Updated 2 weeks ago
- GPU virtual machines on DigitalOcean Gradient AI β’ AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Defund the Police.β13,929Jun 7, 2024Updated 2 years ago
- Open Source Security Events Metadata (OSSEM)β1,298Feb 27, 2023Updated 3 years ago
- The Hunting ELKβ3,928Jun 1, 2024Updated 2 years ago
- A Splunk app mapped to MITRE ATT&CK to guide your threat huntsβ1,189Jul 26, 2023Updated 2 years ago
- π‘οΈ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.β5,442Jul 15, 2024Updated last year
- A toolset to make a system look as if it was the victim of an APT attackβ2,755Sep 23, 2025Updated 9 months ago
- Automated Adversary Emulation Platformβ7,084Jun 23, 2026Updated 2 weeks ago
- Malwoverview is a first response tool for threat hunting across VirusTotal, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Mβ¦β3,912Jun 26, 2026Updated 2 weeks ago
- Actionable analytics designed to combat threatsβ1,012May 25, 2022Updated 4 years ago
- Managed Database hosting by DigitalOcean β’ AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- β2,407Oct 14, 2023Updated 2 years ago
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).β815Jan 14, 2026Updated 5 months ago
- A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data intβ¦β2,516Jun 30, 2026Updated last week
- βοΈ A curated list of awesome forensic analysis tools and resourcesβ5,120May 14, 2026Updated last month
- Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CKβ1,078Nov 28, 2024Updated last year
- A curated list of the most important and useful resources about Threat Detection,Hunting and Intelligence.β586Mar 24, 2023Updated 3 years ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.β942Dec 12, 2023Updated 2 years ago
- Virtual Machine for Adversary Emulation and Threat Huntingβ1,317Jan 22, 2025Updated last year
- Your Everyday Threat Intelligenceβ2,001Jul 2, 2026Updated last week
- Managed Database hosting by DigitalOcean β’ AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- YARA signature and IOC database for my scanners and toolsβ2,988Jun 17, 2026Updated 3 weeks ago
- Digging Deeper....β4,066Jun 24, 2026Updated 2 weeks ago
- β2,632Jul 3, 2026Updated last week
- VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities aβ¦β1,592Jun 22, 2026Updated 2 weeks ago
- MISP (core software) - Open Source Threat Intelligence and Sharing Platformβ6,395Updated this week
- TheHive is a Collaborative Case Management Platform, now distributed as a commercial versionβ3,929Jul 25, 2025Updated 11 months ago
- Sysmon configuration file template with default high-quality event tracingβ5,579Jul 3, 2024Updated 2 years ago