Placeholder for my detection repo and misc detection engineering content
☆42 | Oct 20, 2023 | Updated 2 years ago
Alternatives and similar repositories for detections
Users that are interested in detections are comparing it to the libraries listed below
- Repository for Ludus French templates | ☆21 | Updated this week
- ☆14 | Mar 20, 2025 | Updated 11 months ago
- ☆46 | Oct 27, 2023 | Updated 2 years ago
- Default Detections for EDR | ☆97 | Feb 20, 2024 | Updated 2 years ago
- A collection of my yara rules | ☆34 | Jul 11, 2023 | Updated 2 years ago
- ☆261 | May 9, 2024 | Updated last year
- Sigma detection rules for hunting with the threathunting-keywords project | ☆58 | Mar 2, 2025 | Updated last year
- A repository to share publicly available Velociraptor detection content | ☆196 | Updated this week
- Repository of Volatility3 plugins | ☆22 | Mar 22, 2023 | Updated 2 years ago
- A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab. | ☆22 | Apr 16, 2021 | Updated 4 years ago
- Research into Undocumented Behavior of Azure AD Refresh Tokens | ☆13 | Oct 27, 2023 | Updated 2 years ago
- Ransomware dataset, containing dynamic behaviour of more than 60 distinct ransomware families. | ☆10 | Aug 29, 2022 | Updated 3 years ago
- A small crappy script I wrote that converts the Sigma Windows Process Creation events to KQL via PySigma. Designed for CI/CD | ☆10 | Nov 7, 2023 | Updated 2 years ago
- KQL queries for Microsoft Defender Advanced Hunting organized around the TTPs of the MITRE ATT&CK framework. | ☆18 | Nov 7, 2024 | Updated last year
- An automation framework for CyberSecurity Tools | ☆12 | Dec 6, 2025 | Updated 3 months ago
- A repository of my own Sigma detection rules. | ☆163 | Nov 25, 2025 | Updated 3 months ago
- ☆44 | Jul 11, 2025 | Updated 7 months ago
- Experience the power of a PHP webshell designed to overcome the limitations of blacklisted system/exec functions. | ☆26 | Jul 14, 2024 | Updated last year
- Yara rules | ☆22 | Mar 27, 2023 | Updated 2 years ago
- Threat intelligence or Cyber Threat Intelligence is the process of identifying and analyzing gathered information about past, current, an… | ☆13 | Feb 18, 2024 | Updated 2 years ago
- Scans the filesystem for directories that are user-writeable | ☆13 | Jun 21, 2021 | Updated 4 years ago
- ☆12 | Apr 17, 2022 | Updated 3 years ago
- Project to Support The Hunter's Framework (THF) | ☆11 | Apr 16, 2024 | Updated last year
- This repository is to provide a write-up and PoC for CVE-2023-41717. | ☆12 | Aug 31, 2023 | Updated 2 years ago
- A single place for all my Threat Intel and OSINT tools and commands | ☆14 | Feb 26, 2026 | Updated last week
- Generates a detailed CSV file containing Sigma Rules statistics for each service or category, and each level, offering a holistic view of… | ☆10 | Dec 22, 2023 | Updated 2 years ago
- Indicators of compromise from analysis and research by the Nextron Threat Research team | ☆12 | Sep 17, 2025 | Updated 5 months ago
- bypassing the twitter safety link firewall :) | ☆12 | May 4, 2025 | Updated 10 months ago
- MS Graph Commands and Tools for Blue Teamers | ☆51 | Feb 4, 2026 | Updated last month
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces! | ☆82 | Jun 28, 2023 | Updated 2 years ago
- ☆78 | Jan 15, 2026 | Updated last month
- Bloodhound Portable for Windows | ☆53 | Apr 1, 2023 | Updated 2 years ago
- LOLAPPS is a compendium of applications that can be used to carry out day-to-day exploitation. | ☆197 | Feb 19, 2025 | Updated last year
- An issue in AVG AVG Anti-Spyware v.7.5 allows an attacker to execute arbitrary code via a crafted script to the guard.exe component | ☆11 | Aug 5, 2023 | Updated 2 years ago
- Deobfuscates python code that has been obfuscated using https://development-tools.net/python-obfuscator/ | ☆10 | Mar 10, 2023 | Updated 2 years ago
- A library for fast parse & import of Windows Master File Table ($MFT) into Elasticsearch. | ☆12 | Jun 23, 2025 | Updated 8 months ago
- Table of AD and Azure assets and whether they belong to Tier Zero | ☆26 | Sep 12, 2023 | Updated 2 years ago
- SIEGMA - Transform Sigma rules into SIEM consumables | ☆159 | Mar 10, 2025 | Updated 11 months ago
- RCE PoC for Empire C2 framework <5.9.3 | ☆28 | Feb 24, 2024 | Updated 2 years ago