MCP to help Defenders Detection Engineer Harder and Smarter
☆462Jun 16, 2026Updated last month
Alternatives and similar repositories for Security-Detections-MCP
Users that are interested in Security-Detections-MCP are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- DFIR Timeline Analysis for macOS — SQLite-backed viewer for CSV, TSV, XLSX, EVTX, Plaso, $MFT, and $J files with AI Artifacts, AI Secret …☆295Jun 6, 2026Updated last month
- Automated security investigation tool using Microsoft MCP Servers, GitHub Copilot, Python Modules and custom copilot-instructions.☆226Jul 2, 2026Updated 2 weeks ago
- Cyber Threat Defense World Modeling☆25May 13, 2026Updated 2 months ago
- Run TTPs, with AI!☆140Feb 23, 2026Updated 4 months ago
- ATHF is a framework for agentic threat hunting - building systems that can remember, learn, and act with increasing autonomy.☆331Updated this week
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters …☆329Updated this week
- Detection intelligence turbocharged with Al.☆536Mar 3, 2026Updated 4 months ago
- A curated collection of DFIR skills and workflows for InfoSec practitioners.☆321May 14, 2026Updated 2 months ago
- An AI-backed threat hunting assistant that aligns to the PEAK framework.☆57Jun 1, 2026Updated last month
- how to strangle threats☆57Updated this week
- This project aims to compare and evaluate the telemetry of various EDR products.☆1,971Jul 7, 2026Updated last week
- Hunt Smarter, Hunt Harder☆198Mar 14, 2026Updated 4 months ago
- PowerShell tools to help defenders hunt smarter, hunt harder.☆489Oct 29, 2025Updated 8 months ago
- KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunt…☆1,721Jun 22, 2026Updated 3 weeks ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Helping defenders learn and validate npm supply-chain detections with safe atomic tests.☆34Oct 30, 2025Updated 8 months ago
- A Triage Agent for reducing junior analyst manual activiites☆42May 11, 2026Updated 2 months ago
- A growing collection of MCP servers bringing offensive security tools to AI assistants. Nmap, Ghidra, Nuclei, SQLMap, Hashcat and more.☆729Apr 8, 2026Updated 3 months ago
- Share Information about Microsoft Security Products☆109Updated this week
- Free educational content on reverse engineering and malware analysis from the FLARE team☆1,355Mar 31, 2026Updated 3 months ago
- ☆37Updated this week
- Repository where I hold random detection and threat hunting queries that I come up with based on different sources of information (or eve…☆287Jun 23, 2026Updated 3 weeks ago
- A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID☆661Jul 6, 2026Updated last week
- ☆24Jul 9, 2026Updated last week
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- CTI Expert — Cyber Threat Intelligence & OSINT analysis skill for Claude Code. 67+ commands, 35 techniques, no API keys required.☆251Jun 30, 2026Updated 2 weeks ago
- KQL Queries. Microsoft Defender, Microsoft Sentinel☆919Jul 7, 2026Updated last week
- Vigil - an ever improving 100% OpenSource AI system for security☆214Updated this week
- Ian Hanley's deceptively simple KQL queries.☆68Apr 10, 2026Updated 3 months ago
- Cross-platform incident response toolkit. 28 pre-built use cases in a single zero-install binary: triage, threat hunting, memory forensic…☆150Jul 6, 2026Updated last week
- This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple…☆865Updated this week
- FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is de…☆823Apr 18, 2026Updated 3 months ago
- A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as …☆471Feb 18, 2026Updated 5 months ago
- Generate realistic synthetic security logs for cybersecurity threat hunting training and research☆189Updated this week
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation o…☆1,292Jul 11, 2026Updated last week
- A repository of my own Sigma detection rules.☆166Nov 25, 2025Updated 7 months ago
- A VS Code plugin to execute arbitrary JavaScript code at runtime over a local HTTP endpoint.☆29Feb 10, 2026Updated 5 months ago
- A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 D…☆789Jun 3, 2026Updated last month
- Raptor turns Claude Code into a general-purpose AI offensive/defensive security agent. By using Claude.md and creating rules, sub-agents,…☆3,328Updated this week
- ☆2,655Updated this week
- Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detection…☆867Jan 20, 2022Updated 4 years ago