MCP to help Defenders Detection Engineer Harder and Smarter
☆403Apr 15, 2026Updated this week
Alternatives and similar repositories for Security-Detections-MCP
Users that are interested in Security-Detections-MCP are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Vagrant Files to create a Virtualbox VM for Malware Analysis☆13Jun 1, 2021Updated 4 years ago
- ☆12Mar 28, 2026Updated 3 weeks ago
- A curated collection of DFIR skills and workflows for InfoSec practitioners.☆285Apr 10, 2026Updated last week
- Lightweight macOS detection agent built on Santa’s Endpoint Security telemetry.☆111Dec 3, 2025Updated 4 months ago
- AI-VAPT is an autonomous AI-driven Vulnerability Assessment & Penetration Testing framework combining traditional VAPT with neural intell…☆92Oct 7, 2025Updated 6 months ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Repository where I hold random detection and threat hunting queries that I come up with based on different sources of information (or eve…☆280Dec 20, 2025Updated 3 months ago
- IP address filter by City☆12Jan 17, 2025Updated last year
- SecTor - Not-So-Secret Agents: Deploying AI to Optimize Security Operations☆35Oct 15, 2025Updated 6 months ago
- Mapping of open-source detection rules and atomic tests.☆206Feb 16, 2026Updated 2 months ago
- Cross-platform EDR in Rust for Windows ETW and Linux eBPF, with Sigma, YARA, and IOC detection.☆103Updated this week
- MISP to Sentinel integration☆79Feb 6, 2026Updated 2 months ago
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).☆810Jan 14, 2026Updated 3 months ago
- CarbonBlack EDR detection rules and response actions☆73Sep 10, 2024Updated last year
- Converts Sigma detection rules to a Splunk alert configuration.☆12Jul 1, 2021Updated 4 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- GenAI-STIX2.1-Generator is a tool that leverages Azure OpenAI capabilities to transform threat intelligence reports from unstructured web…☆24Mar 24, 2025Updated last year
- A simple tool designed to create Atomic Red Team tests with ease.☆50Mar 11, 2025Updated last year
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters …☆308Updated this week
- RedAudit is a next-generation Windows forensic and security assessment framework featuring a live cyber-operations GUI built for real inv…☆35Nov 15, 2025Updated 5 months ago
- ☆73Apr 4, 2026Updated 2 weeks ago
- ☆68May 13, 2022Updated 3 years ago
- VTC - Velociraptor Timeline Creator☆19May 15, 2024Updated last year
- LotL RMM☆330Mar 24, 2026Updated 3 weeks ago
- my MSTICpy practice and custom tools repository☆11Apr 23, 2025Updated 11 months ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Knowledge Report Alert & Normalization Generator☆26Feb 11, 2026Updated 2 months ago
- Thor Artifacts for Velociraptor☆19Dec 2, 2025Updated 4 months ago
- Cyber Threat Intelligence☆79Dec 7, 2025Updated 4 months ago
- Repository with Sentinel Analytics Rules, Hunting Queries and helpful external data sources.☆141Updated this week
- Invoke-AtomicAssessment is a powerful tool designed to facilitate adversary emulation by leveraging Atomic Red Team.☆47Jan 22, 2025Updated last year
- python3 scripts to help with aws triage needs☆15Feb 11, 2022Updated 4 years ago
- Firebase Domain Front Code☆21May 4, 2021Updated 4 years ago
- FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is de…☆819Apr 9, 2026Updated last week
- F-Secure Lightweight Acqusition for Incident Response (FLAIR)☆16Jul 5, 2021Updated 4 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- pySigma Splunk backend☆42Mar 22, 2026Updated 3 weeks ago
- Provides an advanced baseline to implement a secure Windows auditing strategy on Windows OS.☆67Feb 22, 2026Updated last month
- Public Repo for Atomic Test Harness☆285Apr 8, 2025Updated last year
- ☆122Dec 6, 2025Updated 4 months ago
- Public rules and samples for various automations through LimaCharlie.io☆14Dec 16, 2021Updated 4 years ago
- An introduction to detection engineering☆14Jan 3, 2025Updated last year
- Information about most important hunts which can be performed by Threat hunters while searching for any adversary/threats inside the orga…☆15May 18, 2019Updated 6 years ago