karmine05 / DEF3NDLinks
π‘οΈ SIGMA Detection Engineering Platform A comprehensive AI-powered detection engineering platform for security teams to explore MITRE ATT&CK, build SIGMA rules, and visualize attack paths.
β35Updated 2 weeks ago
Alternatives and similar repositories for DEF3ND
Users that are interested in DEF3ND are comparing it to the libraries listed below
Sorting:
- β41Updated last week
- A starter pack of resources to help you get started in Detection Engineering.β132Updated this week
- A curated list of LLM driven Cyber security Resourcesβ31Updated last month
- Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A. )β186Updated 10 months ago
- Generates a detailed CSV file containing Sigma Rules statistics for each service or category, and each level, offering a holistic view ofβ¦β10Updated last year
- β107Updated last month
- This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.β112Updated 7 months ago
- A preconfigured Velociraptor triage collectorβ52Updated this week
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The researchβ¦β46Updated 2 months ago
- A collection of various SIEM rules relating to malware family groups.β66Updated last year
- Extracts IoCs, TTPs and the relationships between them. Outputs a STIX 2.1 bundle.β61Updated this week
- Automating Security Detection Engineering, published by Packtβ59Updated 9 months ago
- Mapping of open-source detection rules and atomic tests.β169Updated 5 months ago
- β92Updated last month
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.β51Updated 8 months ago
- A repository of my own Sigma detection rules.β159Updated 10 months ago
- VelociraptorMCP is a Model Context Protocol bridge for exposing LLMs to MCP clients.β39Updated last month
- SigmaHQ pySigma CrowdStrike processing pipelineβ26Updated 8 months ago
- SentinelOne STAR Rulesβ62Updated 5 months ago
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigationβ77Updated last year
- Dettectinator - The Python library to your DeTT&CT YAML files.β114Updated 3 months ago
- β95Updated 2 years ago
- β138Updated last week
- An index of publicly available and open-source threat detection rulesets.β116Updated 2 months ago
- Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with β¦β128Updated 11 months ago
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitionersβ97Updated 8 months ago
- An opensource sigma conversion tool built using pysigmaβ131Updated last month
- A pySigma wrapper and langchain toolkit for automatic rule creation/translationβ81Updated last month
- A library of reference materials, tools, and other resources to aid threat profiling, threat quantification, and cyber adversary defenseβ91Updated last year
- This project aims to bridge the gap between Microsoft Attack Surface Reduction (ASR) rules and MITRE ATT&CK by mapping ASR rules to theirβ¦β26Updated 7 months ago