YARA, SIGMA, SNORT Rules based on Malware Analysis
☆17Apr 23, 2025Updated 11 months ago
Alternatives and similar repositories for Detection_Engineering_Signatures
Users that are interested in Detection_Engineering_Signatures are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A collection of Python utilities for use in scripts related to working with "indicators of compromise" (IOCs).☆16Dec 19, 2018Updated 7 years ago
- Hunting Newly Registered Domains☆10Jan 6, 2019Updated 7 years ago
- THOR APT Scanner User Manual☆20Mar 31, 2026Updated last week
- Repository to archive GCP Documentation for local use☆16Feb 11, 2025Updated last year
- Threat feeds designed to extract adversarial TTPs and IOCs, using: ✨AI✨☆69Mar 31, 2026Updated last week
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- Digital Forensics and Incident Response notes and Autopsy tool walkthrough☆11Feb 3, 2022Updated 4 years ago
- Comprehensive notes and resources to ace the eLearnSecurity Junior Penetration Testing certificate, helping you master the art of ethical…☆13Nov 27, 2023Updated 2 years ago
- ☆12Nov 13, 2023Updated 2 years ago
- Sabonis, a Digital Forensics and Incident Response pivoting tool☆19Mar 3, 2022Updated 4 years ago
- Repository for code for DGA Intel package.☆12Oct 6, 2021Updated 4 years ago
- A framework and taxonomy for identifying, classifying, and reasoning about detection logic bugs in SIEM, EDR, and XDR rules, with concret…☆48Mar 5, 2026Updated last month
- Quickly generate suricata rules for IOCs☆28Apr 30, 2021Updated 4 years ago
- Collection of scripts and tools related to the eCTHPv2 exam by INE.☆19Jun 12, 2022Updated 3 years ago
- Caldera plugin to deploy "humans" to emulate user behavior on systems☆31Mar 18, 2026Updated 3 weeks ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- KQL Detections for Microsoft Sentinel and Microsoft 365 Defender☆21Nov 15, 2024Updated last year
- Hundred Days of Yara Challenge☆12Jun 21, 2022Updated 3 years ago
- A minimalist Hugo theme that helps you build fully responsive documentation websites for small projects.☆10Oct 19, 2021Updated 4 years ago
- A series of Linux and Windows based Forensics labs. Tools used include: FTK, EnCase, Sleuthkit, Autopsy, Volatility, etc.☆14Sep 17, 2020Updated 5 years ago
- Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" json files.☆36Aug 12, 2022Updated 3 years ago
- Two plugins to recover TMP keys from Saleae logic analyser traces☆15Jun 10, 2022Updated 3 years ago
- A series of python scripts to extract information from Dark Web Applications☆14Mar 26, 2025Updated last year
- Sigma rules to share with the community☆124Jan 29, 2025Updated last year
- a-ray-grass is a yara module that provides support for DCSO-format bloom filters in yara. In the context of hashlookup, it allows quickly…☆14Aug 19, 2022Updated 3 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- KQL Queries for Advanced Hunting / Log Analytics☆13Jan 29, 2026Updated 2 months ago
- Obsidian vault notes collection on Ethical Hacking Tools and Techniques, HackTheBox, and HTB Academy☆10Aug 15, 2023Updated 2 years ago
- Open Dataset of Cobalt Strike Beacon metadata (2018-2022)☆133Mar 28, 2022Updated 4 years ago
- A series of functions to parse Teamviewer logs to answer specific questions☆10Jul 17, 2022Updated 3 years ago
- FireEye iSIGHT Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform☆16Oct 12, 2018Updated 7 years ago
- A PowerShell-based script to analyze network logs from CSV files and detect potential beaconing behavior. Supports VirusTotal integration…☆17May 11, 2025Updated 11 months ago
- Interactive Shells like PsExec, but in Go☆16Apr 30, 2025Updated 11 months ago
- Here are some tools I developed to help analyze malware☆11Nov 8, 2023Updated 2 years ago
- Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other, security relate…☆180Updated this week
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- Polyglot detector☆23Jun 5, 2025Updated 10 months ago
- ☆11Jun 12, 2023Updated 2 years ago
- ☆13Nov 29, 2024Updated last year
- 🐻❄️ 🏹 Threat hunting with Polars and flaws.cloud AWS CloudTrail datasets.☆14May 22, 2024Updated last year
- A series of PowerShell scripts to automate the assessment of Azure IaaS security☆21Feb 18, 2026Updated last month
- Ransomware dataset, containing dynamic behaviour of more than 60 distinct ransomware families.☆10Aug 29, 2022Updated 3 years ago
- This repository is a comprehensive collection of resources, documentation, apps, and add-ons related to Splunk, a powerful data analytics…☆24Updated this week