π‘οΈ SIGMA Detection Engineering Platform A comprehensive AI-powered detection engineering platform for security teams to explore MITRE ATT&CK, build SIGMA rules, and visualize attack paths.
β45Jun 28, 2025Updated 8 months ago
Alternatives and similar repositories for DEF3ND
Users that are interested in DEF3ND are comparing it to the libraries listed below
Sorting:
- β62Feb 28, 2026Updated last week
- A curated list of LLM driven Cyber security Resourcesβ48Oct 20, 2025Updated 4 months ago
- A starter pack of resources to help you get started in Detection Engineering.β182Jan 17, 2026Updated last month
- An AI-powered plugin for Caldera that orchestrates long-running LLM workflows to automatically create adversary emulation abilities and pβ¦β22Feb 2, 2026Updated last month
- Is a portable forensic tool for analyzing Windows logs, pre-organized according to the methodology outlined in this job: https://cybersecβ¦β15Jul 19, 2025Updated 7 months ago
- Jupyter Univere is a search engine for all infosec jupyter notebooksβ36Mar 24, 2025Updated 11 months ago
- This repository provides insight on how to get started with Microsoft Securityβ11Nov 27, 2025Updated 3 months ago
- Scripts for importing threat feeds and CTI articles, blogs, and reports into MISP.β18Jun 16, 2025Updated 8 months ago
- Cyber Threats Detection Rulesβ14Sep 16, 2025Updated 5 months ago
- Config files for my GitHub profile.β14May 7, 2023Updated 2 years ago
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders undβ¦β130Apr 6, 2024Updated last year
- yara detection rules for hunting with the threathunting-keywords projectβ157May 11, 2025Updated 9 months ago
- Splunk app to compare Endpoint Detection and Response solutions based on MITRE ATT&CK evaluations (APT3, APT29, Carbanak + FIN7, Wizard Sβ¦β19Sep 5, 2022Updated 3 years ago
- Cyber Threat Intelligenceβ78Dec 7, 2025Updated 3 months ago
- When Your Vision Reaches Beyond IAM Boundary Scope in AWS Cloudβ45Dec 7, 2025Updated 3 months ago
- KustoHawk is a lightweight incident triage and response tool designed for effective incident response in Microsoft Defender XDR and Microβ¦β135Jan 11, 2026Updated last month
- Welcome to the hands-on resource hub for the Generative AI Development Environments Bootcamp. This repo is designed to help you explore dβ¦β25Oct 22, 2025Updated 4 months ago
- A network logging tool that logs per process activitiesβ32Jun 13, 2023Updated 2 years ago
- β11Feb 9, 2023Updated 3 years ago
- A Windows Event Log MCPβ40Aug 25, 2025Updated 6 months ago
- This repository contains OpenIOC rules to aid in hunting for indicators of compromise and TTPs focused on Advanced Persistent Threat grouβ¦β26Oct 3, 2023Updated 2 years ago
- Comprehensive AWS cloud reconnaissance and privilege escalation toolkit written in Python. Features IAM, EC2, S3, Lambda, ECS, Secrets Maβ¦β49Jul 8, 2025Updated 8 months ago
- Online resources related to SOC Analysts. Incident investigation reference material, blogs, newsletters, good reads, books, trainings, poβ¦β43Feb 14, 2026Updated 3 weeks ago
- An experimental project using LLM technology to generate security documentation for Open Source Software (OSS) projectsβ34Feb 28, 2025Updated last year
- this script will help you find favicon hashes which you can use to shodan to get more details about an assetβ30Mar 18, 2025Updated 11 months ago
- TTPMapper is an AI-driven threat intelligence parser that converts unstructured reports whether from web URLs or PDF files into structureβ¦β51Jun 21, 2025Updated 8 months ago
- A security tool designed to help review merged code changes to open source maintained repositories via LLM assisted review to safeguard aβ¦β32Oct 20, 2024Updated last year
- β13Apr 6, 2025Updated 11 months ago
- MISP Playbooksβ222Oct 14, 2025Updated 4 months ago
- Home for Splunk security datasets.β129Mar 18, 2020Updated 5 years ago
- PowerShell-based Automation of Defender for Endpointβ187Jul 3, 2025Updated 8 months ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interactionβ87Dec 17, 2025Updated 2 months ago
- π Real-time threat detection for smart contractsβ10May 16, 2023Updated 2 years ago
- ETHICAL-HACKINGβ12Dec 20, 2023Updated 2 years ago
- Google Maps for AWS IAMβ264Updated this week
- β87Feb 20, 2026Updated 2 weeks ago
- A pySigma wrapper and langchain toolkit for automatic rule creation/translationβ92Nov 3, 2025Updated 4 months ago
- This Repository Talks about the Follina MSDT from Defender Perspectiveβ38Jun 2, 2022Updated 3 years ago
- This is a repository to experiment with MCP for securityβ47Jan 22, 2025Updated last year