SIGMA Detection Engineering Platform: a comprehensive AI-powered detection engineering platform for security teams to explore MITRE ATT&CK, build SIGMA rules, and visualize attack paths. (45 stars; Jun 28, 2025; updated 9 months ago)
Alternatives and similar repositories for DEF3ND
Users that are interested in DEF3ND are comparing it to the libraries listed below.
- (no description given) (65 stars; updated this week)
- A starter pack of resources to help you get started in Detection Engineering. (184 stars; Jan 17, 2026; updated 2 months ago)
- Scripts for importing threat feeds and CTI articles, blogs, and reports into MISP. (18 stars; Jun 16, 2025; updated 9 months ago)
- Threat feeds designed to extract adversarial TTPs and IOCs, using AI. (69 stars; updated this week)
- Jupyter Universe is a search engine for all infosec Jupyter notebooks. (36 stars; Mar 24, 2025; updated last year)
- A curated list of AI-driven cyber security resources. (48 stars; updated this week)
- An AI-powered plugin for Caldera that orchestrates long-running LLM workflows to automatically create adversary emulation abilities and p… (27 stars; Mar 18, 2026; updated last week)
- Is a portable forensic tool for analyzing Windows logs, pre-organized according to the methodology outlined in this job: https://cybersec… (15 stars; Jul 19, 2025; updated 8 months ago)
- YARA detection rules for hunting with the threathunting-keywords project. (157 stars; May 11, 2025; updated 10 months ago)
- This repository provides insight on how to get started with Microsoft Security. (11 stars; Nov 27, 2025; updated 4 months ago)
- Cyber Threat Intelligence. (78 stars; Dec 7, 2025; updated 3 months ago)
- Draugnet is a lightweight, open-source tool for anonymous cyber threat reporting. Built for the MISP ecosystem, it lets users submit and … (20 stars; updated this week)
- Cyber Threats Detection Rules. (14 stars; Sep 16, 2025; updated 6 months ago)
- This repository contains OpenIOC rules to aid in hunting for indicators of compromise and TTPs focused on Advanced Persistent Threat grou… (26 stars; Oct 3, 2023; updated 2 years ago)
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und… (130 stars; Apr 6, 2024; updated last year)
- OASIS CACAO TC: official repository for work of the CACAO TC, https://github.com/oasis-tcs/cacao (32 stars; Jan 16, 2024; updated 2 years ago)
- Documentation for connecting Microsoft Sentinel and the ACSC CTIS platform. (10 stars; Jan 23, 2024; updated 2 years ago)
- When Your Vision Reaches Beyond IAM Boundary Scope in AWS Cloud. (45 stars; Dec 7, 2025; updated 3 months ago)
- A package to create HTML MISP reports, including volume of trending events and attributes, events received from key organisations and targ… (12 stars; Aug 14, 2025; updated 7 months ago)
- An experimental project using LLM technology to generate security documentation for Open Source Software (OSS) projects. (36 stars; Feb 28, 2025; updated last year)
- The official repository of PowersheLLM, a model for PowerShell maliciousness detection using a fine-tuned LLM. (14 stars; Jun 6, 2024; updated last year)
- Kusto and Log Analytics MCP server helps you execute a KQL (Kusto Query Language) query within an AI prompt, analyze, and visualize the da… (22 stars; Mar 18, 2026; updated last week)
- KustoHawk is a lightweight incident triage and response tool designed for effective incident response in Microsoft Defender XDR and Micro… (139 stars; updated this week)
- AI-powered cybersecurity attack flow visualization tool using MITRE ATT&CK. (214 stars; Mar 4, 2026; updated 3 weeks ago)
- Automate Checkmarx Scanning and Onboarding Plus AWS Access. (12 stars; Jan 5, 2023; updated 3 years ago)
- Splunk app to compare Endpoint Detection and Response solutions based on MITRE ATT&CK evaluations (APT3, APT29, Carbanak + FIN7, Wizard S… (19 stars; Sep 5, 2022; updated 3 years ago)
- Node.js implementation of the PirateBox Server inspired by David Darts. (15 stars; Dec 8, 2015; updated 10 years ago)
- Forensic tool for extracting and analyzing Google DriveFS cached files and metadata. (20 stars; May 9, 2025; updated 10 months ago)
- Alternative password shadowing scheme. (10 stars; Feb 22, 2026; updated last month)
- This directory contains presentations and related materials of my speaking engagements. I also use this to record historical presentation… (17 stars; Feb 13, 2025; updated last year)
- (no description given) (11 stars; Feb 9, 2023; updated 3 years ago)
- TCP over DNS tunnel b[l]ind written in Go. (16 stars; Dec 22, 2024; updated last year)
- Simple chatbot for testing AI red team tooling. (17 stars; Feb 11, 2025; updated last year)
- A Windows Event Log MCP. (42 stars; Aug 25, 2025; updated 7 months ago)
- MISP Playbooks. (223 stars; Oct 14, 2025; updated 5 months ago)
- Real-time threat detection for smart contracts. (10 stars; May 16, 2023; updated 2 years ago)
- Indicators of Compromise (IOCs) accompanying HP Threat Research blog posts and reports. (29 stars; Apr 10, 2024; updated last year)
- [ICLR 2025 SCI-FM Workshop] Lemur: Log Parsing with Entropy Sampling and Chain-of-Thought Merging. (14 stars; Mar 27, 2025; updated last year)
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction. (88 stars; Mar 11, 2026; updated 2 weeks ago)