Anvilogic Forge
☆116 · Sep 18, 2025 · Updated 6 months ago
Alternatives and similar repositories for armory
Users that are interested in armory are comparing it to the libraries listed below.
- Sublime rules for email attack detection, prevention, and threat hunting. ☆352 · Updated this week
- Independently deploy customized honeyservices in AWS to trigger alerts on unauthorized access. It utilizes a dedicated CloudTrail for pre… ☆51 · Nov 16, 2024 · Updated last year
- An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur… ☆174 · Mar 11, 2026 · Updated last week
- This is a collection of threat detection rules / rules engines that I have come across. ☆297 · May 5, 2024 · Updated last year
- ☆15 · May 3, 2024 · Updated last year
- Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A.) ☆223 · Sep 4, 2024 · Updated last year
- Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation o… ☆1,155 · Dec 19, 2025 · Updated 3 months ago
- ☆40 · Nov 29, 2024 · Updated last year
- ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The … ☆290 · Feb 5, 2024 · Updated 2 years ago
- To clean up your AWS AMIs: First, include AMIs by name or tag. Second, exclude AMIs in use, younger than N days, or the newest N images. … ☆36 · Mar 10, 2026 · Updated last week
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise ☆68 · Apr 29, 2024 · Updated last year
- A PowerShell script for creating a Windows honeyport. ☆12 · Jun 24, 2015 · Updated 10 years ago
- This tool analyzes a given GitLab repository and searches for dangling or force-pushed commits containing potential secret or interesting… ☆47 · Aug 16, 2024 · Updated last year
- ☆382 · Apr 18, 2024 · Updated last year
- A PoC to Simulate Ransomware Attack on AWS Environment ☆33 · Oct 14, 2024 · Updated last year
- Built-in Panther detection rules and policies ☆441 · Updated this week
- Stupid Simple Detection Testing ☆13 · Mar 7, 2024 · Updated 2 years ago
- Convert CloudTrail data to MITRE ATT&CK Sightings ☆82 · Jul 25, 2022 · Updated 3 years ago
- Online resources related to Detection Engineering. Detection rules, detection logic, attack samples, detection tests and emulation tools… ☆154 · Mar 4, 2026 · Updated 2 weeks ago
- Resources for DFIR. And more. ☆11 · Jul 3, 2024 · Updated last year
- Threat detection rule set ☆15 · Jul 5, 2019 · Updated 6 years ago
- A framework for developing alerting and detection strategies for incident response. ☆852 · Sep 8, 2025 · Updated 6 months ago
- Mapping of open-source detection rules and atomic tests. ☆204 · Feb 16, 2026 · Updated last month
- A collection of open source threat detection rules created by Cyber Castle's team. ☆14 · Jun 2, 2022 · Updated 3 years ago
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL (Kusto Query Language). ☆806 · Jan 14, 2026 · Updated 2 months ago
- Local CLI tool for browser extension risk analysis ☆27 · Apr 11, 2025 · Updated 11 months ago
- This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple… ☆787 · Updated this week
- Awesome secure by default libraries to help you eliminate bug classes! ☆701 · Dec 6, 2025 · Updated 3 months ago
- A curated list of resources about detecting threats and defending Kubernetes systems. ☆407 · Sep 2, 2023 · Updated 2 years ago
- kubernetes-for-soc aims to fast-track the learning curve for SOC analysts by enabling them to swiftly grasp the essential concepts and kn… ☆56 · Dec 18, 2023 · Updated 2 years ago
- ShellSweeping the evil. ☆181 · Nov 25, 2024 · Updated last year
- Threatest is a CLI and Go framework for end-to-end testing threat detection rules. ☆339 · Updated this week
- CloudGrappler is a purpose-built tool designed for effortless querying of high-fidelity and single-event detections related to well-known… ☆266 · Nov 21, 2025 · Updated 4 months ago
- A public collection of detections designed to detect threats associated with the Okta WIC Platform. ☆23 · Mar 11, 2026 · Updated last week
- Security Content for the PEAK Threat Hunting Framework ☆45 · Feb 15, 2024 · Updated 2 years ago
- Lightweight macOS detection agent built on Santa’s Endpoint Security telemetry. ☆109 · Dec 3, 2025 · Updated 3 months ago
- Welcome to Autoaudit, a log tampering detection tool. ☆13 · Mar 19, 2024 · Updated 2 years ago
- An LLM and OCR based Indicator of Compromise Extraction Tool ☆38 · Dec 4, 2024 · Updated last year
- An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, GitLab CI, and Splunk. ☆60 · Mar 12, 2022 · Updated 4 years ago