β¨ A curated list of awesome threat detection and hunting resources π΅οΈββοΈ
β4,517Jan 5, 2026Updated 2 months ago
Alternatives and similar repositories for awesome-threat-detection
Users that are interested in awesome-threat-detection are comparing it to the libraries listed below
Sorting:
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more eβ¦β4,492Jan 12, 2026Updated last month
- A curated list of Awesome Threat Intelligence resourcesβ9,872Jan 19, 2026Updated last month
- A curated list of tools for incident responseβ8,842Jul 18, 2024Updated last year
- A curated list of awesome YARA rules, tools, and people.β4,151Feb 25, 2026Updated last week
- Detect Tactics, Techniques & Combat Threatsβ2,268Jan 21, 2026Updated last month
- Main Sigma Rule Repositoryβ10,156Mar 2, 2026Updated last week
- Automate the creation of a lab environment complete with security tooling and logging best practicesβ4,909Jul 6, 2024Updated last year
- Windows Events Attack Samplesβ2,517Jan 24, 2023Updated 3 years ago
- An informational repo about hunting for adversaries in your IT environment.β1,858Nov 17, 2021Updated 4 years ago
- Re-play Security Eventsβ1,725Mar 20, 2024Updated last year
- Small and highly portable detection tests based on MITRE's ATT&CK.β11,632Mar 2, 2026Updated last week
- A collection of resources for Threat Huntersβ914Oct 15, 2024Updated last year
- Defund the Police.β13,486Jun 7, 2024Updated last year
- π‘οΈ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.β5,177Jul 15, 2024Updated last year
- Open Source Security Events Metadata (OSSEM)β1,288Feb 27, 2023Updated 3 years ago
- The Hunting ELKβ3,911Jun 1, 2024Updated last year
- A Splunk app mapped to MITRE ATT&CK to guide your threat huntsβ1,174Jul 26, 2023Updated 2 years ago
- A repository of sysmon configuration modulesβ2,987Aug 21, 2024Updated last year
- Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation oβ¦β1,148Dec 19, 2025Updated 2 months ago
- A toolset to make a system look as if it was the victim of an APT attackβ2,714Sep 23, 2025Updated 5 months ago
- Automated Adversary Emulation Platformβ6,795Updated this week
- Malwoverview is a rapid response tool used to gather intelligence information from VirusTotal, Hybrid Analysis, URLHaus, Polyswarm, Malshβ¦β3,633Mar 1, 2026Updated last week
- A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data intβ¦β2,452Updated this week
- Actionable analytics designed to combat threatsβ1,005May 25, 2022Updated 3 years ago
- Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CKβ1,078Nov 28, 2024Updated last year
- β2,392Oct 14, 2023Updated 2 years ago
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).β803Jan 14, 2026Updated last month
- βοΈ A curated list of awesome forensic analysis tools and resourcesβ4,934Mar 1, 2026Updated last week
- Your Everyday Threat Intelligenceβ1,954Feb 12, 2026Updated 3 weeks ago
- an awesome list of honeypot resourcesβ10,177Apr 1, 2025Updated 11 months ago
- Digging Deeper....β3,799Updated this week
- VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities aβ¦β1,551Feb 10, 2026Updated 3 weeks ago
- MISP (core software) - Open Source Threat Intelligence and Sharing Platformβ6,158Updated this week
- YARA signature and IOC database for my scanners and toolsβ2,880Feb 5, 2026Updated last month
- β2,513Updated this week
- A collection of awesome security hardening guides, tools and other resourcesβ6,203Jan 20, 2026Updated last month
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.β937Dec 12, 2023Updated 2 years ago
- TheHive is a Collaborative Case Management Platform, now distributed as a commercial versionβ3,891Jul 25, 2025Updated 7 months ago
- Investigate malicious Windows logon by visualizing and analyzing Windows event logβ3,137Oct 19, 2025Updated 4 months ago