Placeholder for my detection repo and misc detection engineering content
☆42 · Oct 20, 2023 · Updated 2 years ago
Alternatives and similar repositories for detections
Users that are interested in detections are comparing it to the libraries listed below.
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces! ☆82 · Jun 28, 2023 · Updated 2 years ago
- A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab. ☆22 · Apr 16, 2021 · Updated 4 years ago
- A collection of my YARA rules ☆34 · Jul 11, 2023 · Updated 2 years ago
- A library for fast parsing and import of the Windows Master File Table ($MFT) into Elasticsearch. ☆12 · Jun 23, 2025 · Updated 9 months ago
- Generates a detailed CSV file containing Sigma Rules statistics for each service or category, and each level, offering a holistic view of… ☆10 · Dec 22, 2023 · Updated 2 years ago
- Repository for Ludus French templates ☆23 · Mar 1, 2026 · Updated 3 weeks ago
- Indicators of compromise from analysis and research by the Nextron Threat Research team ☆12 · Sep 17, 2025 · Updated 6 months ago
- ☆262 · May 9, 2024 · Updated last year
- Default Detections for EDR ☆97 · Feb 20, 2024 · Updated 2 years ago
- YARA rules ☆22 · Mar 27, 2023 · Updated 3 years ago
- Sigma detection rules for hunting with the threathunting-keywords project ☆59 · Mar 2, 2025 · Updated last year
- Scripts and lists to help generate YARA-friendly string mutations ☆22 · Apr 9, 2023 · Updated 2 years ago
- ☆46 · Oct 27, 2023 · Updated 2 years ago
- Repository of Volatility3 plugins ☆22 · Mar 22, 2023 · Updated 3 years ago
- Research into Undocumented Behavior of Azure AD Refresh Tokens ☆13 · Oct 27, 2023 · Updated 2 years ago
- ☆44 · Jul 11, 2025 · Updated 8 months ago
- A repository to share publicly available Velociraptor detection content ☆196 · Mar 15, 2026 · Updated last week
- Predicting the probability of an exploit being released after a CVE is published (by machine learning algorithm) ☆13 · Aug 8, 2023 · Updated 2 years ago
- Lists of not-suitable-for-work words as YARA rules ☆29 · Feb 2, 2026 · Updated last month
- Conceptual Methods for Finding Commonalities in Mach-O Files ☆12 · Mar 21, 2024 · Updated 2 years ago
- A collection of small scripts and tools for deobfuscation and malware analysis. ☆67 · Mar 27, 2023 · Updated 2 years ago
- BloodHound Portable for Windows ☆53 · Apr 1, 2023 · Updated 2 years ago
- ☆78 · Mar 17, 2026 · Updated last week
- Presentation slides, blogs, and videos of my conference presentations. ☆26 · Jan 31, 2024 · Updated 2 years ago
- A repository of my own Sigma detection rules. ☆164 · Nov 25, 2025 · Updated 4 months ago
- Scans the filesystem for directories that are user-writeable ☆13 · Jun 21, 2021 · Updated 4 years ago
- 100 Days of YARA, to be updated with rules and ideas as the year progresses ☆60 · Jan 18, 2023 · Updated 3 years ago
- Threat intelligence or Cyber Threat Intelligence is the process of identifying and analyzing gathered information about past, current, an… ☆13 · Feb 18, 2024 · Updated 2 years ago
- Indicators of compromise ☆17 · Jan 29, 2026 · Updated last month
- ☆12 · Apr 17, 2022 · Updated 3 years ago
- ☆33 · Feb 26, 2022 · Updated 4 years ago
- ☆22 · Mar 4, 2025 · Updated last year
- Microsoft-signed PowerShell scripts ☆219 · Mar 14, 2023 · Updated 3 years ago
- YETI (Your Everyday Threat Intelligence) integration with the Elastic Stack ☆16 · Jan 6, 2021 · Updated 5 years ago
- Table of AD and Azure assets and whether they belong to Tier Zero ☆26 · Sep 12, 2023 · Updated 2 years ago
- ☆96 · Jan 7, 2026 · Updated 2 months ago
- Modifies machine.config for persistence after installing a signed .NET assembly into the GAC ☆13 · Mar 17, 2022 · Updated 4 years ago
- SIEGMA - Transform Sigma rules into SIEM consumables ☆159 · Mar 10, 2025 · Updated last year
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with an improved scoring algorithm. ☆209 · Jul 21, 2022 · Updated 3 years ago