🛡️ SIGMA Detection Engineering Platform: a comprehensive AI-powered detection engineering platform for security teams to explore MITRE ATT&CK, build SIGMA rules, and visualize attack paths.
★45 (Jun 28, 2025, updated 11 months ago)
Alternatives and similar repositories for DEF3ND
Users that are interested in DEF3ND are comparing it to the libraries listed below.
- ★71 (Apr 16, 2026, updated last month)
- A starter pack of resources to help you get started in Detection Engineering. ★189 (Jan 17, 2026, updated 4 months ago)
- Scripts for importing threat feeds and CTI articles, blogs, and reports into MISP. ★18 (Jun 16, 2025, updated 11 months ago)
- Threat feeds designed to extract adversarial TTPs and IOCs, using: ✨AI✨ ★72 (May 22, 2026, updated last week)
- Jupyter Univere is a search engine for all infosec Jupyter notebooks. ★37 (Mar 24, 2025, updated last year)
- A curated list of AI-driven cyber security resources. ★51 (May 21, 2026, updated last week)
- An AI-powered plugin for Caldera that orchestrates long-running LLM workflows to automatically create adversary emulation abilities and p… ★30 (May 6, 2026, updated 3 weeks ago)
- Is a portable forensic tool for analyzing Windows logs, pre-organized according to the methodology outlined in this job: https://cybersec… ★16 (Jul 19, 2025, updated 10 months ago)
- YARA detection rules for hunting with the threathunting-keywords project. ★162 (May 11, 2025, updated last year)
- Repo for experimenting and testing MCP server builds for CTI-related research. ★27 (May 13, 2025, updated last year)
- This repository provides insight on how to get started with Microsoft Security. ★12 (Nov 27, 2025, updated 6 months ago)
- Draugnet is a lightweight, open-source tool for anonymous cyber threat reporting. Built for the MISP ecosystem, it lets users submit and … ★20 (Mar 24, 2026, updated 2 months ago)
- Cyber Threats Detection Rules. ★14 (Sep 16, 2025, updated 8 months ago)
- This repository contains OpenIOC rules to aid in hunting for indicators of compromise and TTPs focused on Advanced Persistent Threat grou… ★26 (Oct 3, 2023, updated 2 years ago)
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und… ★130 (Apr 6, 2024, updated 2 years ago)
- Documentation for connecting Microsoft Sentinel and the ACSC CTIS platform. ★10 (Jan 23, 2024, updated 2 years ago)
- This is a repository to experiment with MCP for security. ★47 (Jan 22, 2025, updated last year)
- When Your Vision Reaches Beyond IAM Boundary Scope in AWS Cloud. ★47 (Dec 7, 2025, updated 5 months ago)
- A package to create HTML MISP reports, including volume of trending events and attributes, events received from key organisations and targ… ★12 (Aug 14, 2025, updated 9 months ago)
- An experimental project using LLM technology to generate security documentation for Open Source Software (OSS) projects. ★38 (Feb 28, 2025, updated last year)
- The official repository of PowersheLLM, a model for PowerShell maliciousness detection using a fine-tuned LLM. ★14 (Jun 6, 2024, updated last year)
- Kusto and Log Analytics MCP server help you execute a KQL (Kusto Query Language) query within an AI prompt, analyze, and visualize the da… ★24 (May 9, 2026, updated 3 weeks ago)
- KustoHawk is a lightweight incident triage and response tool designed for effective incident response in Microsoft Defender XDR and Micro… ★153 (Apr 1, 2026, updated last month)
- AI-powered cybersecurity attack flow visualization tool using MITRE ATT&CK. ★215 (Mar 4, 2026, updated 2 months ago)
- Did you contain the compromised identity? notyet ★40 (May 4, 2026, updated 3 weeks ago)
- Automate Checkmarx Scanning and Onboarding Plus AWS Access. ★12 (Jan 5, 2023, updated 3 years ago)
- Splunk app to compare Endpoint Detection and Response solutions based on MITRE ATT&CK evaluations (APT3, APT29, Carbanak + FIN7, Wizard S… ★19 (Sep 5, 2022, updated 3 years ago)
- Node.js implementation of the PirateBox Server inspired by David Darts. ★15 (Dec 8, 2015, updated 10 years ago)
- Forensic tool for extracting and analyzing Google DriveFS cached files and metadata. ★20 (May 9, 2025, updated last year)
- Alternative password shadowing scheme. ★10 (Feb 22, 2026, updated 3 months ago)
- This directory contains presentations and related materials of my speaking engagements. I also use this to record historical presentation… ★17 (Feb 13, 2025, updated last year)
- TCP over DNS tunnel b[l]ind written in Go. ★17 (Dec 22, 2024, updated last year)
- ★11 (Feb 9, 2023, updated 3 years ago)
- Simple chatbot for testing AI red team tooling. ★17 (Feb 11, 2025, updated last year)
- A Windows Event Log MCP. ★49 (Aug 25, 2025, updated 9 months ago)
- Indicators of Compromise (IOCs) accompanying HP Threat Research blog posts and reports. ★28 (Apr 10, 2024, updated 2 years ago)
- [ICLR 2025 SCI-FM Workshop] Lemur: Log Parsing with Entropy Sampling and Chain-of-Thought Merging. ★14 (Mar 27, 2025, updated last year)
- Real-time threat detection for smart contracts. ★10 (May 16, 2023, updated 3 years ago)
- This repository is the tutorial for the IsitObservable episode on Fluentd. ★11 (May 7, 2025, updated last year)