Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A.)
☆225 | Sep 4, 2024 | Updated last year
Alternatives and similar repositories for diana
Users that are interested in diana are comparing it to the libraries listed below
- Generate datasets of cloud audit logs for common attacks ☆233 | Feb 13, 2026 | Updated 2 weeks ago
- OCSF Schema Validation ☆13 | Dec 13, 2024 | Updated last year
- An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur… ☆174 | Feb 22, 2026 | Updated last week
- ☆23 | Sep 20, 2024 | Updated last year
- Anvilogic Forge ☆115 | Sep 18, 2025 | Updated 5 months ago
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters … ☆302 | Updated this week
- AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE… ☆1,205 | Dec 29, 2025 | Updated 2 months ago
- Halberd: Multi-Cloud Agentic Attack Tool ☆334 | Jan 12, 2026 | Updated last month
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac… ☆151 | Sep 21, 2024 | Updated last year
- ☆120 | May 26, 2025 | Updated 9 months ago
- AWS honey token manager ☆89 | Aug 1, 2024 | Updated last year
- Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation o… ☆1,142 | Dec 19, 2025 | Updated 2 months ago
- Repository to archive GCP Documentation for local use ☆16 | Feb 11, 2025 | Updated last year
- A tool to uncover undocumented APIs from the AWS Console. ☆116 | Apr 29, 2025 | Updated 10 months ago
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations" ☆11 | Feb 6, 2025 | Updated last year
- A powerful tool that leverages AI to automatically generate comprehensive security documentation for your projects ☆104 | Oct 13, 2025 | Updated 4 months ago
- Rules shared by the community from 100 Days of YARA 2025 ☆38 | Jan 2, 2026 | Updated 2 months ago
- To clean up your AWS AMIs: First, include AMIs by name or tag. Second, exclude AMIs in use, younger than N days, or the newest N images. … ☆36 | Updated this week
- Independently deploy customized honeyservices in AWS to trigger alerts on unauthorized access. It utilizes a dedicated CloudTrail for pre… ☆51 | Nov 16, 2024 | Updated last year
- When good OAuth apps go rogue. Documents observed OAuth application tradecraft ☆84 | Jan 30, 2026 | Updated last month
- Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs. ☆168 | Dec 7, 2025 | Updated 2 months ago
- ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The … ☆289 | Feb 5, 2024 | Updated 2 years ago
- Detect Tactics, Techniques & Combat Threats ☆2,264 | Jan 21, 2026 | Updated last month
- A resource containing all the tools each ransomware gang uses ☆1,330 | Dec 24, 2025 | Updated 2 months ago
- kubernetes-for-soc aims to fast-track the learning curve for SOC analysts by enabling them to swiftly grasp the essential concepts and kn… ☆56 | Dec 18, 2023 | Updated 2 years ago
- Cloud Commotion intends to cause chaos to simulate security incidents ☆145 | Jun 18, 2024 | Updated last year
- TrailAlerts is an AWS-native, serverless cloud-detection tool that lets you define simple rules as code and get rich alerts about events i… ☆51 | Nov 9, 2025 | Updated 3 months ago
- An index of publicly available and open-source threat detection rulesets. ☆130 | Apr 17, 2025 | Updated 10 months ago
- Open source templates you can use to bootstrap your security programs ☆890 | Dec 28, 2025 | Updated 2 months ago
- pocket guide for core detection engineering concepts ☆31 | May 8, 2023 | Updated 2 years ago
- ☆30 | Jan 13, 2026 | Updated last month
- ☆18 | Jul 30, 2024 | Updated last year
- A catalog of services that can be publicly exposed within different cloud providers. ☆14 | Aug 30, 2024 | Updated last year
- ☆75 | Mar 19, 2025 | Updated 11 months ago
- Convert cloudtrail data to MITRE ATT&CK Sightings ☆82 | Jul 25, 2022 | Updated 3 years ago
- Awesome list of keywords and artifacts for Threat Hunting sessions ☆638 | Aug 4, 2025 | Updated 6 months ago
- Helm charts for running open source digital forensic tools in Kubernetes ☆184 | Updated this week
- A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data int… ☆2,445 | Updated this week
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l… ☆173 | Jan 30, 2026 | Updated last month