Alternatives and similar repositories for Security-Detections-MCP

Users that are interested in Security-Detections-MCP are comparing it to the libraries listed below

• sandmaxprime / VagrantMalwareWin10VM

  View on GitHub
  Vagrant Files to create a Virtualbox VM for Malware Analysis
  ☆13Jun 1, 2021Updated 4 years ago
• redcanaryco / osquery-forensics-agent

  View on GitHub
  SecTor - Not-So-Secret Agents: Deploying AI to Optimize Security Operations
  ☆30Oct 15, 2025Updated 4 months ago
• zeflow / Sigma2SplunkAlert

  View on GitHub
  Converts Sigma detection rules to a Splunk alert configuration.
  ☆12Jul 1, 2021Updated 4 years ago
• vysecurity / IPFilter

  View on GitHub
  IP address filter by City
  ☆12Jan 17, 2025Updated last year
• akapv / Sysmon_to_AdvancedHunting_KQL

  View on GitHub
  ☆10Oct 25, 2020Updated 5 years ago
• krdmnbrk / AttackRuleMap

  View on GitHub
  Mapping of open-source detection rules and atomic tests.
  ☆195Updated this week
• krdmnbrk / atomicgen.io

  View on GitHub
  A simple tool designed to create Atomic Red Team tests with ease.
  ☆49Mar 11, 2025Updated 11 months ago
• tsale / awesome-dfir-skills

  View on GitHub
  A curated collection of DFIR skills and workflows for InfoSec practitioners.
  ☆244Feb 8, 2026Updated last week
• joeavanzato / velociraptor-timeline-creator

  View on GitHub
  VTC - Velociraptor Timeline Creator
  ☆19May 15, 2024Updated last year
• Karib0u / rustinel

  View on GitHub
  Windows EDR agent in Rust. ETW telemetry → Sigma/YARA detection → ECS alerts. User-mode, open-source, high-performance.
  ☆57Feb 4, 2026Updated last week
• 0x4D31 / santamon

  View on GitHub
  Lightweight macOS detection agent built on Santa’s Endpoint Security telemetry.
  ☆105Dec 3, 2025Updated 2 months ago
• tsale / EDR-Telemetry-Website

  View on GitHub
  ☆74Updated this week
• chihebchebbi / Azure-Sentinel-Hive-Playbook

  View on GitHub
  Send High & New Incidents to The Hive incident management Platform
  ☆18Feb 13, 2021Updated 5 years ago
• SecurityAura / DE-TH-Aura

  View on GitHub
  Repository where I hold random detection and threat hunting queries that I come up with based on different sources of information (or eve…
  ☆277Dec 20, 2025Updated last month
• kcyerrid / CTI

  View on GitHub
  Cyber Threat Intelligence
  ☆74Dec 7, 2025Updated 2 months ago
• 3CORESec / SIEGMA

  View on GitHub
  SIEGMA - Transform Sigma rules into SIEM consumables
  ☆159Mar 10, 2025Updated 11 months ago
• LogRhythm-Labs / VirusTotal

  View on GitHub
  VirusTotal SIEM Integration and Automation
  ☆18Jan 16, 2017Updated 9 years ago
• f-bader / AzSentinelQueries

  View on GitHub
  Repository with Sentinel Analytics Rules, Hunting Queries and helpful external data sources.
  ☆137Updated this week
• gmellini / Microsoft-Defender-Security-Center-Hunting-Queries

  View on GitHub
  Hunting Queries for Microsoft Defender Security Center https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defe…
  ☆40Apr 8, 2021Updated 4 years ago
• cudeso / misp2sentinel

  View on GitHub
  MISP to Sentinel integration
  ☆79Feb 6, 2026Updated last week
• splunk / ShellSweep

  View on GitHub
  ShellSweeping the evil.
  ☆181Nov 25, 2024Updated last year
• Cyb3r-Monk / Threat-Hunting-and-Detection

  View on GitHub
  Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).
  ☆801Jan 14, 2026Updated last month
• NextronSystems / CyberChef

  View on GitHub
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆66Aug 10, 2022Updated 3 years ago
• jalacloud / mcp-cti

  View on GitHub
  Repo for experimenting and testing MCP server builds for CTI-related research.
  ☆27May 13, 2025Updated 9 months ago
• sbousseaden / YaraHunts

  View on GitHub
  Random hunting ordiented yara rules
  ☆98Mar 27, 2023Updated 2 years ago
• redcanaryco / AtomicTestHarnesses

  View on GitHub
  Public Repo for Atomic Test Harness
  ☆283Apr 8, 2025Updated 10 months ago
• HillsyCyberSec / CheatSheet

  View on GitHub
  ☆10Aug 9, 2024Updated last year
• nkranidiotis / RedAudit-USB

  View on GitHub
  RedAudit is a next-generation Windows forensic and security assessment framework featuring a live cyber-operations GUI built for real inv…
  ☆35Nov 15, 2025Updated 3 months ago
• pwnlandia / mnemosyne

  View on GitHub
  Normalizer for honeypot data.
  ☆11Dec 6, 2023Updated 2 years ago
• freqyXin / Offensive-Wireless-Security

  View on GitHub
  Slide deck for DEF CON 30 - Read Team Village - Offensive Wireless Security presentation
  ☆13Aug 16, 2022Updated 3 years ago
• Kathayra / HT-Trackr

  View on GitHub
  How can you track the hunting techniques you come up with?
  ☆13Sep 3, 2017Updated 8 years ago
• rowham / WinSigmaRuleAnalyzer

  View on GitHub
  Generates a detailed CSV file containing Sigma Rules statistics for each service or category, and each level, offering a holistic view of…
  ☆10Dec 22, 2023Updated 2 years ago
• nasbench / Misc-Research

  View on GitHub
  A collection of tools, scripts and personal research
  ☆155Feb 2, 2026Updated last week
• captainGeech42 / synapse-sinkdb

  View on GitHub
  Synapse Rapid Power-up for SinkDB
  ☆11Jun 24, 2025Updated 7 months ago
• WithSecureLabs / FLAIR

  View on GitHub
  F-Secure Lightweight Acqusition for Incident Response (FLAIR)
  ☆16Jul 5, 2021Updated 4 years ago
• mdecrevoisier / Windows-auditing-baseline

  View on GitHub
  Provides an advanced baseline to implement a secure Windows auditing strategy on Windows OS.
  ☆60Jun 9, 2025Updated 8 months ago
• vikramrajkumarmajji / AI-VAPT

  View on GitHub
  AI-VAPT is an autonomous AI-driven Vulnerability Assessment & Penetration Testing framework combining traditional VAPT with neural intell…
  ☆83Oct 7, 2025Updated 4 months ago
• chihebchebbi / Sentinel2Attack

  View on GitHub
  ☆14Mar 5, 2021Updated 4 years ago
• The-DFIR-Report / Suricata-Rules

  View on GitHub
  ☆11Jun 12, 2023Updated 2 years ago