YARA, SIGMA, SNORT Rules based on Malware Analysis
☆17Apr 23, 2025Updated last year
Alternatives and similar repositories for Detection_Engineering_Signatures
Users that are interested in Detection_Engineering_Signatures are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A collection of Python utilities for use in scripts related to working with "indicators of compromise" (IOCs).☆16Dec 19, 2018Updated 7 years ago
- Hunting Newly Registered Domains☆10Jan 6, 2019Updated 7 years ago
- Repository to archive GCP Documentation for local use☆16Feb 11, 2025Updated last year
- Threat feeds designed to extract adversarial TTPs and IOCs, using: ✨AI✨☆72Updated this week
- Osquery Resources☆64Aug 23, 2019Updated 6 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Find vulnerabilities in AD Group Policy, but do it better than Grouper2 did.☆10Nov 4, 2022Updated 3 years ago
- A framework and taxonomy for identifying, classifying, and reasoning about detection logic bugs in SIEM, EDR, and XDR rules, with concret…☆55Mar 5, 2026Updated 3 months ago
- Collection of scripts and tools related to the eCTHPv2 exam by INE.☆19Jun 12, 2022Updated 3 years ago
- My Blog.☆13Jan 23, 2021Updated 5 years ago
- Sabonis, a Digital Forensics and Incident Response pivoting tool☆20Mar 3, 2022Updated 4 years ago
- KQL Detections for Microsoft Sentinel and Microsoft 365 Defender☆22Nov 15, 2024Updated last year
- ☆12Nov 13, 2023Updated 2 years ago
- Repository for code for DGA Intel package.☆13Oct 6, 2021Updated 4 years ago
- Hundred Days of Yara Challenge☆12Jun 21, 2022Updated 3 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Check reputation of IP/url/hash/file in bulk with mutiple OSINT☆19Dec 8, 2022Updated 3 years ago
- Plugin providing AF_XDP support for Bro.☆15May 10, 2021Updated 5 years ago
- A series of Linux and Windows based Forensics labs. Tools used include: FTK, EnCase, Sleuthkit, Autopsy, Volatility, etc.☆15Sep 17, 2020Updated 5 years ago
- Enrich IP addresses with metadata and threat intelligence indicators.☆24Aug 12, 2023Updated 2 years ago
- Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" json files.☆36Aug 12, 2022Updated 3 years ago
- Two plugins to recover TMP keys from Saleae logic analyser traces☆15Jun 10, 2022Updated 4 years ago
- KQL Queries for Advanced Hunting / Log Analytics☆13Jan 29, 2026Updated 4 months ago
- a-ray-grass is a yara module that provides support for DCSO-format bloom filters in yara. In the context of hashlookup, it allows quickly…☆14Aug 19, 2022Updated 3 years ago
- Obsidian vault notes collection on Ethical Hacking Tools and Techniques, HackTheBox, and HTB Academy☆10Aug 15, 2023Updated 2 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Open Dataset of Cobalt Strike Beacon metadata (2018-2022)☆135Mar 28, 2022Updated 4 years ago
- A series of functions to parse Teamviewer logs to answer specific questions☆10Jul 17, 2022Updated 3 years ago
- FireEye iSIGHT Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform☆16Oct 12, 2018Updated 7 years ago
- Interactive Shells like PsExec, but in Go☆16Apr 30, 2025Updated last year
- A PowerShell-based script to analyze network logs from CSV files and detect potential beaconing behavior. Supports VirusTotal integration…☆17May 11, 2025Updated last year
- Here are some tools I developed to help analyze malware☆11Nov 8, 2023Updated 2 years ago
- Polyglot detector☆25Jun 5, 2025Updated last year
- Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other, security relate…☆182Updated this week
- 🐻❄️ 🏹 Threat hunting with Polars and flaws.cloud AWS CloudTrail datasets.☆14May 22, 2024Updated 2 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Random scripts that I used in the CARTP course lab & final exam.☆16Feb 28, 2024Updated 2 years ago
- Ransomware dataset, containing dynamic behaviour of more than 60 distinct ransomware families.☆10Aug 29, 2022Updated 3 years ago
- This repository is a comprehensive collection of resources, documentation, apps, and add-ons related to Splunk, a powerful data analytics…☆26May 30, 2026Updated last week
- 🔍 erroreyes – Lightweight Subdomain Enumeration Tool A Python-based tool that queries crt.sh certificate logs to discover subdomains ass…☆17May 8, 2025Updated last year
- A curated awesome list of lists of interview questions. Feel free to contribute!☆25Jul 24, 2024Updated last year
- A dataset of phishing kits in the wild☆15Jun 1, 2024Updated 2 years ago
- A collection of macro benchmarks for the Python programming language☆27Nov 20, 2024Updated last year