MCP to help Defenders Detection Engineer Harder and Smarter
☆294 · Mar 5, 2026 · Updated this week
Alternatives and similar repositories for Security-Detections-MCP
Users who are interested in Security-Detections-MCP are comparing it to the repositories listed below.
- Vagrant files to create a VirtualBox VM for malware analysis ☆13 · Jun 1, 2021 · Updated 4 years ago
- SecTor - Not-So-Secret Agents: Deploying AI to Optimize Security Operations ☆32 · Oct 15, 2025 · Updated 4 months ago
- (no description) ☆10 · Oct 25, 2020 · Updated 5 years ago
- Converts Sigma detection rules to a Splunk alert configuration. ☆12 · Jul 1, 2021 · Updated 4 years ago
- IP address filter by city ☆12 · Jan 17, 2025 · Updated last year
- Mapping of open-source detection rules and atomic tests. ☆202 · Feb 16, 2026 · Updated 3 weeks ago
- A simple tool designed to create Atomic Red Team tests with ease. ☆50 · Mar 11, 2025 · Updated 11 months ago
- Information about the most important hunts which can be performed by threat hunters while searching for any adversary/threats inside the orga… ☆15 · May 18, 2019 · Updated 6 years ago
- Repository where I hold random detection and threat hunting queries that I come up with based on different sources of information (or eve… ☆278 · Dec 20, 2025 · Updated 2 months ago
- VTC - Velociraptor Timeline Creator ☆19 · May 15, 2024 · Updated last year
- A curated collection of DFIR skills and workflows for InfoSec practitioners. ☆257 · Feb 8, 2026 · Updated last month
- SIEGMA - Transform Sigma rules into SIEM consumables ☆159 · Mar 10, 2025 · Updated 11 months ago
- Lightweight macOS detection agent built on Santa’s Endpoint Security telemetry. ☆105 · Dec 3, 2025 · Updated 3 months ago
- (no description) ☆74 · Feb 16, 2026 · Updated 3 weeks ago
- Send high and new incidents to the TheHive incident management platform ☆18 · Feb 13, 2021 · Updated 5 years ago
- GenAI-STIX2.1-Generator is a tool that leverages Azure OpenAI capabilities to transform threat intelligence reports from unstructured web… ☆24 · Mar 24, 2025 · Updated 11 months ago
- A collection of tools, scripts and personal research ☆157 · Feb 2, 2026 · Updated last month
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL (Kusto Query Language). ☆803 · Jan 14, 2026 · Updated last month
- Cyber Threat Intelligence ☆78 · Dec 7, 2025 · Updated 3 months ago
- Invoke-AtomicAssessment is a powerful tool designed to facilitate adversary emulation by leveraging Atomic Red Team. ☆47 · Jan 22, 2025 · Updated last year
- ReversingLabs YARA Rules ☆900 · Nov 3, 2025 · Updated 4 months ago
- Rust Windows EDR (user-mode, no driver): ETW → Sysmon-style normalization → Sigma/YARA/IOC detection → ECS NDJSON alerts. ☆71 · Updated this week
- VirusTotal SIEM integration and automation ☆18 · Jan 16, 2017 · Updated 9 years ago
- A beginner's guide to exploiting buffer overflow vulnerabilities using OllyDbg, similar to Offensive Security techniques. ☆10 · May 3, 2019 · Updated 6 years ago
- YARA detection rules for hunting with the threathunting-keywords project ☆157 · May 11, 2025 · Updated 9 months ago
- Repository with Sentinel analytics rules, hunting queries and helpful external data sources. ☆137 · Updated this week
- Hunting queries for Microsoft Defender Security Center https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defe… ☆40 · Apr 8, 2021 · Updated 4 years ago
- MISP to Sentinel integration ☆79 · Feb 6, 2026 · Updated last month
- ShellSweeping the evil. ☆181 · Nov 25, 2024 · Updated last year
- Firebase domain fronting code ☆21 · May 4, 2021 · Updated 4 years ago
- Knowledge Report Alert & Normalization Generator ☆26 · Feb 11, 2026 · Updated 3 weeks ago
- Repository for sharing examples of our artifacts data and for use in new analyst recruitment. ☆109 · Apr 22, 2025 · Updated 10 months ago
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition ☆66 · Aug 10, 2022 · Updated 3 years ago
- Repo for experimenting and testing MCP server builds for CTI-related research. ☆27 · May 13, 2025 · Updated 9 months ago
- Random hunting-oriented YARA rules ☆96 · Mar 27, 2023 · Updated 2 years ago
- Public repo for Atomic Test Harness ☆284 · Apr 8, 2025 · Updated 11 months ago
- RedAudit is a next-generation Windows forensic and security assessment framework featuring a live cyber-operations GUI built for real inv… ☆35 · Nov 15, 2025 · Updated 3 months ago
- (no description) ☆12 · Feb 9, 2025 · Updated last year
- (no description) ☆10 · Aug 9, 2024 · Updated last year