0x4D31 / awesome-threat-detectionView external linksLinks
β¨ A curated list of awesome threat detection and hunting resources π΅οΈββοΈ
β4,496Jan 5, 2026Updated last month
Alternatives and similar repositories for awesome-threat-detection
Users that are interested in awesome-threat-detection are comparing it to the libraries listed below
Sorting:
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more eβ¦β4,475Jan 12, 2026Updated last month
- A curated list of Awesome Threat Intelligence resourcesβ9,786Jan 19, 2026Updated 3 weeks ago
- A curated list of tools for incident responseβ8,808Jul 18, 2024Updated last year
- A curated list of awesome YARA rules, tools, and people.β4,134Mar 26, 2025Updated 10 months ago
- Detect Tactics, Techniques & Combat Threatsβ2,263Jan 21, 2026Updated 3 weeks ago
- Main Sigma Rule Repositoryβ10,109Feb 10, 2026Updated last week
- Automate the creation of a lab environment complete with security tooling and logging best practicesβ4,900Jul 6, 2024Updated last year
- Windows Events Attack Samplesβ2,507Jan 24, 2023Updated 3 years ago
- An informational repo about hunting for adversaries in your IT environment.β1,846Nov 17, 2021Updated 4 years ago
- Re-play Security Eventsβ1,723Mar 20, 2024Updated last year
- Small and highly portable detection tests based on MITRE's ATT&CK.β11,570Feb 9, 2026Updated last week
- A collection of resources for Threat Huntersβ914Oct 15, 2024Updated last year
- Defund the Police.β13,426Jun 7, 2024Updated last year
- π‘οΈ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.β5,133Jul 15, 2024Updated last year
- Open Source Security Events Metadata (OSSEM)β1,286Feb 27, 2023Updated 2 years ago
- The Hunting ELKβ3,913Jun 1, 2024Updated last year
- A Splunk app mapped to MITRE ATT&CK to guide your threat huntsβ1,173Jul 26, 2023Updated 2 years ago
- A repository of sysmon configuration modulesβ2,968Aug 21, 2024Updated last year
- Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation oβ¦β1,126Dec 19, 2025Updated last month
- A toolset to make a system look as if it was the victim of an APT attackβ2,710Sep 23, 2025Updated 4 months ago
- Automated Adversary Emulation Platformβ6,733Feb 9, 2026Updated last week
- Malwoverview is a rapid response tool used to gather intelligence information from VirusTotal, Hybrid Analysis, URLHaus, Polyswarm, Malshβ¦β3,535Jan 20, 2026Updated 3 weeks ago
- A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data intβ¦β2,439Updated this week
- Actionable analytics designed to combat threatsβ1,006May 25, 2022Updated 3 years ago
- Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CKβ1,077Nov 28, 2024Updated last year
- β2,383Oct 14, 2023Updated 2 years ago
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).β800Jan 14, 2026Updated last month
- βοΈ A curated list of awesome forensic analysis tools and resourcesβ4,901Feb 5, 2026Updated last week
- Your Everyday Threat Intelligenceβ1,949Updated this week
- an awesome list of honeypot resourcesβ10,146Apr 1, 2025Updated 10 months ago
- Digging Deeper....β3,763Updated this week
- VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities aβ¦β1,546Feb 10, 2026Updated last week
- MISP (core software) - Open Source Threat Intelligence and Sharing Platformβ6,123Feb 10, 2026Updated last week
- YARA signature and IOC database for my scanners and toolsβ2,864Feb 5, 2026Updated last week
- β2,502Updated this week
- A collection of awesome security hardening guides, tools and other resourcesβ6,113Jan 20, 2026Updated 3 weeks ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.β937Dec 12, 2023Updated 2 years ago
- TheHive is a Collaborative Case Management Platform, now distributed as a commercial versionβ3,883Jul 25, 2025Updated 6 months ago
- Open Cyber Threat Intelligence Platformβ8,212Updated this week