🛡️ SIGMA Detection Engineering Platform A comprehensive AI-powered detection engineering platform for security teams to explore MITRE ATT&CK, build SIGMA rules, and visualize attack paths.
☆45Jun 28, 2025Updated last year
Alternatives and similar repositories for DEF3ND
Users that are interested in DEF3ND are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆73Jun 15, 2026Updated 3 weeks ago
- A starter pack of resources to help you get started in Detection Engineering.☆192Jun 4, 2026Updated last month
- Scripts for importing threat feeds and CTI articles, blogs, and reports into MISP.☆18Jun 28, 2026Updated last week
- Threat feeds designed to extract adversarial TTPs and IOCs, using: ✨AI✨☆72Jun 17, 2026Updated 3 weeks ago
- Jupyter Univere is a search engine for all infosec jupyter notebooks☆38Mar 24, 2025Updated last year
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- An AI-powered plugin for Caldera that orchestrates long-running LLM workflows to automatically create adversary emulation abilities and p…☆34May 6, 2026Updated 2 months ago
- Is a portable forensic tool for analyzing Windows logs, pre-organized according to the methodology outlined in this job: https://cybersec…☆16Jul 19, 2025Updated 11 months ago
- yara detection rules for hunting with the threathunting-keywords project☆164May 11, 2025Updated last year
- Repo for experimenting and testing MCP server builds for CTI-related research.☆27May 13, 2025Updated last year
- This repository provides insight on how to get started with Microsoft Security☆12Nov 27, 2025Updated 7 months ago
- Cyber Threat Intelligence☆82Dec 7, 2025Updated 7 months ago
- Draugnet is a lightweight, open-source tool for anonymous cyber threat reporting. Built for the MISP ecosystem, it lets users submit and …☆20Jun 16, 2026Updated 3 weeks ago
- Config files for my GitHub profile.☆14May 7, 2023Updated 3 years ago
- Cyber Threats Detection Rules☆14Sep 16, 2025Updated 9 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- This repository contains OpenIOC rules to aid in hunting for indicators of compromise and TTPs focused on Advanced Persistent Threat grou…☆26Oct 3, 2023Updated 2 years ago
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…☆131Apr 6, 2024Updated 2 years ago
- Documentation for connecting Microsoft Sentinel and the ACSC CTIS platform☆10Jan 23, 2024Updated 2 years ago
- OASIS CACAO TC: Official repository for work of the CACAO TC https://github.com/oasis-tcs/cacao☆33Jan 16, 2024Updated 2 years ago
- This is a repository to experiment with MCP for security☆48Jan 22, 2025Updated last year
- A package to create HTML MISP reports, including volume of trending events and attributes, evens received from key organisations and targ…☆12Aug 14, 2025Updated 10 months ago
- The official repository of PowersheLLM, a model for Powershell maliciousness detection using fine-tuned LLM☆14Jun 6, 2024Updated 2 years ago
- An experimental project using LLM technology to generate security documentation for Open Source Software (OSS) projects☆38Feb 28, 2025Updated last year
- Kusto and Log Analytics MCP server help you execute a KQL (Kusto Query Language) query within an AI prompt, analyze, and visualize the da…☆24Jun 11, 2026Updated 3 weeks ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- AI-powered cybersecurity attack flow visualization tool using MITRE ATT&CK☆220Mar 4, 2026Updated 4 months ago
- KustoHawk is a lightweight incident triage and response tool designed for effective incident response in Microsoft Defender XDR and Micro…☆157Apr 1, 2026Updated 3 months ago
- Did you contain the compromised identity? notyet☆41May 4, 2026Updated 2 months ago
- Automate Checkmarx Scanning and Onboarding Plus AWS Access☆12Jan 5, 2023Updated 3 years ago
- Node.js implementation of the PirateBox Server inspired by David Darts☆15Dec 8, 2015Updated 10 years ago
- Forensic tool for extracting and analyzing Google DriveFS cached files and metadata.☆21May 9, 2025Updated last year
- Alternative password shadowing scheme☆10Jul 1, 2026Updated last week
- This directory contains presentations and related materials of my speaking engagements. I also use this to record historical presentation…☆18Feb 13, 2025Updated last year
- TCP over DNS tunnel b[l]ind written in go.☆18Dec 22, 2024Updated last year
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- ☆11Feb 9, 2023Updated 3 years ago
- Simple Chatbot for testing AI Red Team tooling☆17Feb 11, 2025Updated last year
- A Windows Event Log MCP☆49Aug 25, 2025Updated 10 months ago
- MISP Playbooks☆231Oct 14, 2025Updated 8 months ago
- [ICLR 2025 SCI-FM Workshop] Lemur: Log Parsing with Entropy Sampling and Chain-of-Thought Merging☆14Mar 27, 2025Updated last year
- Indicators of Compromise (IOCs) accompanying HP Threat Research blog posts and reports.☆28Apr 10, 2024Updated 2 years ago
- Home for Splunk security datasets.☆135Mar 18, 2020Updated 6 years ago