🛡️ SIGMA Detection Engineering Platform
A comprehensive AI-powered detection engineering platform for security teams to explore MITRE ATT&CK, build SIGMA rules, and visualize attack paths.
☆ 45 · Jun 28, 2025 · Updated 11 months ago
Alternatives and similar repositories for DEF3ND
Users that are interested in DEF3ND are comparing it to the libraries listed below.
- ☆ 73 · Apr 16, 2026 · Updated 2 months ago
- A starter pack of resources to help you get started in Detection Engineering. ☆ 191 · Jun 4, 2026 · Updated 2 weeks ago
- Scripts for importing threat feeds and CTI articles, blogs, and reports into MISP. ☆ 18 · Jun 16, 2025 · Updated last year
- Threat feeds designed to extract adversarial TTPs and IOCs, using: ✨AI✨ ☆ 72 · Jun 11, 2026 · Updated last week
- Jupyter Univere is a search engine for all infosec jupyter notebooks ☆ 37 · Mar 24, 2025 · Updated last year
- A curated list of AI driven Cyber security Resources ☆ 51 · May 25, 2026 · Updated 3 weeks ago
- An AI-powered plugin for Caldera that orchestrates long-running LLM workflows to automatically create adversary emulation abilities and p… ☆ 33 · May 6, 2026 · Updated last month
- Is a portable forensic tool for analyzing Windows logs, pre-organized according to the methodology outlined in this job: https://cybersec… ☆ 16 · Jul 19, 2025 · Updated 10 months ago
- yara detection rules for hunting with the threathunting-keywords project ☆ 164 · May 11, 2025 · Updated last year
- This repository provides insight on how to get started with Microsoft Security ☆ 12 · Nov 27, 2025 · Updated 6 months ago
- Cyber Threat Intelligence ☆ 80 · Dec 7, 2025 · Updated 6 months ago
- Draugnet is a lightweight, open-source tool for anonymous cyber threat reporting. Built for the MISP ecosystem, it lets users submit and … ☆ 20 · Mar 24, 2026 · Updated 2 months ago
- Config files for my GitHub profile. ☆ 14 · May 7, 2023 · Updated 3 years ago
- Cyber Threats Detection Rules ☆ 14 · Sep 16, 2025 · Updated 9 months ago
- This repository contains OpenIOC rules to aid in hunting for indicators of compromise and TTPs focused on Advanced Persistent Threat grou… ☆ 26 · Oct 3, 2023 · Updated 2 years ago
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und… ☆ 131 · Apr 6, 2024 · Updated 2 years ago
- Documentation for connecting Microsoft Sentinel and the ACSC CTIS platform ☆ 10 · Jan 23, 2024 · Updated 2 years ago
- OASIS CACAO TC: Official repository for work of the CACAO TC https://github.com/oasis-tcs/cacao ☆ 33 · Jan 16, 2024 · Updated 2 years ago
- This is a repository to experiment with MCP for security ☆ 47 · Jan 22, 2025 · Updated last year
- A package to create HTML MISP reports, including volume of trending events and attributes, events received from key organisations and targ… ☆ 12 · Aug 14, 2025 · Updated 10 months ago
- The official repository of PowersheLLM, a model for PowerShell maliciousness detection using a fine-tuned LLM ☆ 14 · Jun 6, 2024 · Updated 2 years ago
- An experimental project using LLM technology to generate security documentation for Open Source Software (OSS) projects ☆ 38 · Feb 28, 2025 · Updated last year
- AI-powered cybersecurity attack flow visualization tool using MITRE ATT&CK ☆ 218 · Mar 4, 2026 · Updated 3 months ago
- KustoHawk is a lightweight incident triage and response tool designed for effective incident response in Microsoft Defender XDR and Micro… ☆ 157 · Apr 1, 2026 · Updated 2 months ago
- Did you contain the compromised identity? notyet ☆ 40 · May 4, 2026 · Updated last month
- Automate Checkmarx Scanning and Onboarding Plus AWS Access ☆ 12 · Jan 5, 2023 · Updated 3 years ago
- Splunk app to compare Endpoint Detection and Response solutions based on MITRE ATT&CK evaluations (APT3, APT29, Carbanak + FIN7, Wizard S… ☆ 19 · Sep 5, 2022 · Updated 3 years ago
- Node.js implementation of the PirateBox Server inspired by David Darts ☆ 15 · Dec 8, 2015 · Updated 10 years ago
- Forensic tool for extracting and analyzing Google DriveFS cached files and metadata. ☆ 20 · May 9, 2025 · Updated last year
- Alternative password shadowing scheme ☆ 10 · May 29, 2026 · Updated 3 weeks ago
- This directory contains presentations and related materials of my speaking engagements. I also use this to record historical presentation… ☆ 18 · Feb 13, 2025 · Updated last year
- TCP over DNS tunnel b[l]ind written in go. ☆ 17 · Dec 22, 2024 · Updated last year
- ForensicArtifacts.com Artifact Repository ☆ 12 · May 16, 2026 · Updated last month
- A Windows Event Log MCP ☆ 49 · Aug 25, 2025 · Updated 9 months ago
- MISP Playbooks ☆ 229 · Oct 14, 2025 · Updated 8 months ago
- Indicators of Compromise (IOCs) accompanying HP Threat Research blog posts and reports. ☆ 28 · Apr 10, 2024 · Updated 2 years ago
- Home for Splunk security datasets. ☆ 133 · Mar 18, 2020 · Updated 6 years ago
- Real-time threat detection for smart contracts ☆ 10 · May 16, 2023 · Updated 3 years ago
- CuanticoSecurity ☆ 10 · Sep 7, 2016 · Updated 9 years ago