🛡️ SIGMA Detection Engineering Platform
A comprehensive AI-powered detection engineering platform for security teams to explore MITRE ATT&CK, build SIGMA rules, and visualize attack paths.
☆45Jun 28, 2025Updated 10 months ago
Alternatives and similar repositories for DEF3ND
Users that are interested in DEF3ND are comparing it to the libraries listed below.
- A starter pack of resources to help you get started in Detection Engineering.☆188Jan 17, 2026Updated 3 months ago
- Threat feeds designed to extract adversarial TTPs and IOCs, using: ✨AI✨☆70May 2, 2026Updated last week
- Jupyter Universe is a search engine for all infosec Jupyter notebooks☆37Mar 24, 2025Updated last year
- A curated list of AI driven Cyber security Resources☆50Mar 28, 2026Updated last month
- An AI-powered plugin for Caldera that orchestrates long-running LLM workflows to automatically create adversary emulation abilities and p…☆29Updated this week
- Is a portable forensic tool for analyzing Windows logs, pre-organized according to the methodology outlined in this job: https://cybersec…☆16Jul 19, 2025Updated 9 months ago
- yara detection rules for hunting with the threathunting-keywords project☆161May 11, 2025Updated 11 months ago
- Repo for experimenting and testing MCP server builds for CTI-related research.☆27May 13, 2025Updated 11 months ago
- This repository provides insight on how to get started with Microsoft Security☆11Nov 27, 2025Updated 5 months ago
- Cyber Threat Intelligence☆79Dec 7, 2025Updated 5 months ago
- Config files for my GitHub profile.☆14May 7, 2023Updated 3 years ago
- Cyber Threats Detection Rules☆14Sep 16, 2025Updated 7 months ago
- This repository contains OpenIOC rules to aid in hunting for indicators of compromise and TTPs focused on Advanced Persistent Threat grou…☆26Oct 3, 2023Updated 2 years ago
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…☆130Apr 6, 2024Updated 2 years ago
- This is a repository to experiment with MCP for security☆47Jan 22, 2025Updated last year
- When Your Vision Reaches Beyond IAM Boundary Scope in AWS Cloud☆46Dec 7, 2025Updated 5 months ago
- A package to create HTML MISP reports, including volume of trending events and attributes, events received from key organisations and targ…☆12Aug 14, 2025Updated 8 months ago
- An experimental project using LLM technology to generate security documentation for Open Source Software (OSS) projects☆38Feb 28, 2025Updated last year
- The official repository of PowersheLLM, a model for Powershell maliciousness detection using fine-tuned LLM☆14Jun 6, 2024Updated last year
- Kusto and Log Analytics MCP server help you execute a KQL (Kusto Query Language) query within an AI prompt, analyze, and visualize the da…☆23Updated this week
- AI-powered cybersecurity attack flow visualization tool using MITRE ATT&CK☆215Mar 4, 2026Updated 2 months ago
- KustoHawk is a lightweight incident triage and response tool designed for effective incident response in Microsoft Defender XDR and Micro…☆151Apr 1, 2026Updated last month
- Did you contain the compromised identity? notyet☆40Updated this week
- Automate Checkmarx Scanning and Onboarding Plus AWS Access☆12Jan 5, 2023Updated 3 years ago
- Splunk app to compare Endpoint Detection and Response solutions based on MITRE ATT&CK evaluations (APT3, APT29, Carbanak + FIN7, Wizard S…☆19Sep 5, 2022Updated 3 years ago
- Forensic tool for extracting and analyzing Google DriveFS cached files and metadata.☆20May 9, 2025Updated last year
- Alternative password shadowing scheme☆10Feb 22, 2026Updated 2 months ago
- This directory contains presentations and related materials of my speaking engagements. I also use this to record historical presentation…☆17Feb 13, 2025Updated last year
- ☆11Feb 9, 2023Updated 3 years ago
- TCP over DNS tunnel b[l]ind written in go.☆16Dec 22, 2024Updated last year
- ForensicArtifacts.com Artifact Repository☆12Updated this week
- A Windows Event Log MCP☆46Aug 25, 2025Updated 8 months ago
- MISP Playbooks☆225Oct 14, 2025Updated 6 months ago
- Indicators of Compromise (IOCs) accompanying HP Threat Research blog posts and reports.☆28Apr 10, 2024Updated 2 years ago
- Home for Splunk security datasets.☆131Mar 18, 2020Updated 6 years ago
- [ICLR 2025 SCI-FM Workshop] Lemur: Log Parsing with Entropy Sampling and Chain-of-Thought Merging☆14Mar 27, 2025Updated last year
- 🌌 Real-time threat detection for smart contracts☆10May 16, 2023Updated 2 years ago
- Event Query Router☆12Aug 9, 2019Updated 6 years ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆89Mar 11, 2026Updated last month