☆120May 26, 2025Updated 9 months ago
Alternatives and similar repositories for DetectIQ
Users that are interested in DetectIQ are comparing it to the libraries listed below
Sorting:
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation☆92Nov 3, 2025Updated 4 months ago
- Mapping of open-source detection rules and atomic tests.☆204Feb 16, 2026Updated last month
- An opensource sigma conversion tool built using pysigma☆163Feb 9, 2026Updated last month
- Living off the False Positive!☆42Jan 31, 2025Updated last year
- A tool for fetching DFIR and other GitHub tools.☆26Aug 2, 2025Updated 7 months ago
- Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A. )☆223Sep 4, 2024Updated last year
- A fun POC that is built to understand AI security agents.☆34Oct 30, 2025Updated 4 months ago
- This project aims to fine-tune a pre-trained LLM using CTI-specific data and evaluate its performance with CTIBench, a benchmark designed…☆17Sep 5, 2024Updated last year
- A home for detection content developed by the delivr.to team☆72Aug 10, 2025Updated 7 months ago
- This is a collection of threat detection rules / rules engines that I have come across.☆296May 5, 2024Updated last year
- yara detection rules for hunting with the threathunting-keywords project☆157May 11, 2025Updated 10 months ago
- PurpleLab is an efficient and readily deployable lab solution, providing a swift setup for cybersecurity professionals to test detection…☆729Feb 14, 2026Updated last month
- ☆14Sep 22, 2023Updated 2 years ago
- sKaleQL is an opinionated template repository for managing, executing, and organizing Kusto Query Language (KQL) queries against Azure Lo…☆19May 20, 2025Updated 10 months ago
- A curated list of LLM driven Cyber security Resources☆47Mar 12, 2026Updated last week
- DelePwn is a security assessment tool designed to identify and demonstrate the risks associated with Google Workspace Domain-Wide Delegat…☆38Aug 8, 2025Updated 7 months ago
- ☆27Feb 3, 2026Updated last month
- ☆34Aug 8, 2023Updated 2 years ago
- AI-powered cybersecurity attack flow visualization tool using MITRE ATT&CK☆212Mar 4, 2026Updated 2 weeks ago
- AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE…☆1,207Dec 29, 2025Updated 2 months ago
- Baseline a Windows System against LOLBAS☆72Feb 2, 2026Updated last month
- A repository of my own Sigma detection rules.☆163Nov 25, 2025Updated 3 months ago
- An extendable tool to extract and aggregate IoCs from threat feeds☆33Feb 6, 2024Updated 2 years ago
- Turn any blog into structured threat intelligence.☆53Mar 13, 2026Updated last week
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters …☆303Mar 12, 2026Updated last week
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…☆130Apr 6, 2024Updated last year
- Threat Simulator for Enterprise Networks☆14May 14, 2022Updated 3 years ago
- M365/Azure adversary simulation tool that generates realistic attack telemetry to help blue teams improve their detection and response ca…☆322Oct 12, 2025Updated 5 months ago
- Sigma Queries turned into KQL for Defender using pysigma☆12Jun 20, 2024Updated last year
- Find potential DLL Sideloads on your windows computer☆220Jan 12, 2025Updated last year
- Menu for Thor scanner lite☆20Oct 24, 2025Updated 4 months ago
- This project aims to compare and evaluate the telemetry of various EDR products.☆1,931Jan 20, 2026Updated 2 months ago
- A small crappy script I wrote that converts the Sigma Windows Process Creation events to KQL via PySigma. Designed for CI/CD☆10Nov 7, 2023Updated 2 years ago
- Scripts for importing threat feeds and CTI articles, blogs, and reports into MISP.☆18Jun 16, 2025Updated 9 months ago
- ☆63Feb 28, 2026Updated 2 weeks ago
- ☆34May 24, 2023Updated 2 years ago
- Elastic Security Labs' malware analysis and reverse engineering library☆52Mar 10, 2026Updated last week
- Sigma detection rules for hunting with the threathunting-keywords project☆58Mar 2, 2025Updated last year
- 🧰 ESXi Testing Tookit is a command-line utility designed to help security teams test ESXi detections.☆82Apr 20, 2025Updated 11 months ago