Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A.)
☆223 · Sep 4, 2024 · Updated last year
Alternatives and similar repositories for diana
Users that are interested in diana are comparing it to the libraries listed below.
- Generate datasets of cloud audit logs for common attacks ☆235 · Mar 9, 2026 · Updated last week
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters … ☆304 · Updated this week
- Anvilogic Forge ☆116 · Sep 18, 2025 · Updated 6 months ago
- OCSF Schema Validation ☆12 · Dec 13, 2024 · Updated last year
- AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE… ☆1,206 · Dec 29, 2025 · Updated 2 months ago
- Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation o… ☆1,155 · Dec 19, 2025 · Updated 3 months ago
- An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur… ☆174 · Mar 11, 2026 · Updated last week
- ☆120 · May 26, 2025 · Updated 9 months ago
- Halberd: Multi-Cloud Agentic Attack Tool ☆335 · Jan 12, 2026 · Updated 2 months ago
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac… ☆151 · Sep 21, 2024 · Updated last year
- An index of publicly available and open-source threat detection rulesets. ☆130 · Apr 17, 2025 · Updated 11 months ago
- Independently deploy customized honeyservices in AWS to trigger alerts on unauthorized access. It utilizes a dedicated CloudTrail for pre… ☆51 · Nov 16, 2024 · Updated last year
- kubernetes-for-soc aims to fast-track the learning curve for SOC analysts by enabling them to swiftly grasp the essential concepts and kn… ☆56 · Dec 18, 2023 · Updated 2 years ago
- ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The … ☆290 · Feb 5, 2024 · Updated 2 years ago
- A powerful tool that leverages AI to automatically generate comprehensive security documentation for your projects ☆105 · Oct 13, 2025 · Updated 5 months ago
- AWS honey token manager ☆90 · Aug 1, 2024 · Updated last year
- Rules shared by the community from 100 Days of YARA 2025 ☆38 · Jan 2, 2026 · Updated 2 months ago
- Automating Security Detection Engineering, published by Packt ☆67 · Oct 12, 2024 · Updated last year
- Detect Tactics, Techniques & Combat Threats ☆2,269 · Jan 21, 2026 · Updated 2 months ago
- Sublime rules for email attack detection, prevention, and threat hunting. ☆352 · Updated this week
- A catalog of services that can be publicly exposed within different cloud providers. ☆14 · Aug 30, 2024 · Updated last year
- Cloud Commotion intends to cause chaos to simulate security incidents ☆146 · Jun 18, 2024 · Updated last year
- When good OAuth apps go rogue. Documents observed OAuth application tradecraft ☆84 · Jan 30, 2026 · Updated last month
- Built-in Panther detection rules and policies ☆441 · Updated this week
- TrailAlerts is an AWS-native, serverless cloud-detection tool that lets you define simple rules as code and get rich alerts about events i… ☆51 · Nov 9, 2025 · Updated 4 months ago
- To clean up your AWS AMIs: First, include AMIs by name or tag. Second, exclude AMIs in use, younger than N days, or the newest N images. … ☆36 · Mar 10, 2026 · Updated last week
- A tool to uncover undocumented APIs from the AWS Console. ☆120 · Mar 16, 2026 · Updated last week
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations" ☆11 · Feb 6, 2025 · Updated last year
- pocket guide for core detection engineering concepts ☆31 · May 8, 2023 · Updated 2 years ago
- Agentic Workflows Made Simple ☆162 · Mar 12, 2025 · Updated last year
- Convert cloudtrail data to MITRE ATT&CK Sightings ☆82 · Jul 25, 2022 · Updated 3 years ago
- A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data int… ☆2,460 · Updated this week
- ☆23 · Sep 20, 2024 · Updated last year
- Open source templates you can use to bootstrap your security programs ☆894 · Dec 28, 2025 · Updated 2 months ago
- A preconfigured Velociraptor triage collector ☆76 · Mar 2, 2026 · Updated 3 weeks ago
- Awesome list of keywords and artifacts for Threat Hunting sessions ☆648 · Aug 4, 2025 · Updated 7 months ago
- A flexible threat detection platform that simplifies rule management and deployment using K8s CronJob and Helm, but can also run standalo… ☆384 · Oct 1, 2024 · Updated last year
- Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs. ☆171 · Dec 7, 2025 · Updated 3 months ago
- Helm charts for running open source digital forensic tools in Kubernetes ☆187 · Mar 12, 2026 · Updated last week