A public collection of detections designed to detect threats associated with the Okta WIC Platform.
☆21Mar 11, 2026Updated last week
Alternatives and similar repositories for customer-detections
Users that are interested in customer-detections are comparing it to the libraries listed below
Sorting:
- Invictus Threat Intelligence: IOCs and TTPs from blogs, research and more☆30Mar 10, 2026Updated last week
- When good OAuth apps go rogue. Documents observed OAuth application tradecraft☆84Jan 30, 2026Updated last month
- An index of publicly available and open-source threat detection rulesets.☆130Apr 17, 2025Updated 11 months ago
- A curated list of awesome Okta libraries, open source repos, guides, blogs and other resources.☆16Mar 17, 2025Updated last year
- Generate datasets of cloud audit logs for common attacks☆235Mar 9, 2026Updated last week
- This repository contains the research and components of our research into using Sigma for AWS Incident Response.☆31Jul 12, 2023Updated 2 years ago
- JamfHound is a python3 project designed to collect and identify attack paths in Jamf Pro tenants based on existing object permissions by …☆121Sep 2, 2025Updated 6 months ago
- Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations☆102Aug 15, 2025Updated 7 months ago
- REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.☆51Sep 22, 2025Updated 5 months ago
- A preconfigured Velociraptor triage collector☆76Mar 2, 2026Updated 2 weeks ago
- Quick ESXi Log Parser☆30Oct 20, 2025Updated 4 months ago
- Create tar/zip archives that try to exploit zipslip vulnerability.☆48Sep 20, 2024Updated last year
- Summaries, transcripts, key points, and other useful insights from fwd:cloudsec 2025 talks for those of us who don't have time to watch e…☆85Jul 4, 2025Updated 8 months ago
- Repository where I hold random detection and threat hunting queries that I come up with based on different sources of information (or eve…☆279Dec 20, 2025Updated 2 months ago
- Google Maps for AWS IAM☆269Updated this week
- Playbook-NG is a stateless web-based application used to match incident findings with countermeasures for adversary containment and evict…☆156Mar 5, 2026Updated 2 weeks ago
- Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.☆171Dec 7, 2025Updated 3 months ago
- PurpleLab is an efficient and readily deployable lab solution, providing a swift setup for cybersecurity professionals to test detection…☆729Feb 14, 2026Updated last month
- The official website for The Discord Analytics for Risks & Threats Project.☆22Dec 29, 2025Updated 2 months ago
- 💅🏽 analyzes your github actions☆99Feb 9, 2026Updated last month
- Built-in Panther detection rules and policies☆441Updated this week
- The purpose of this repository is to share KQL queries to help identify security misconfigurations, hunt for specific patterns, or detect…☆80Feb 10, 2026Updated last month
- Anvilogic Forge☆116Sep 18, 2025Updated 6 months ago
- MCP Server that integrates with Security Copilot, Sentinel and other tools (in the future). It enhance the process of developing , testin…☆20Oct 8, 2025Updated 5 months ago
- Okta MCP Server☆20Mar 11, 2026Updated last week
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆89Feb 9, 2025Updated last year
- AutoPwnKey is a red teaming framework and testing tool using AutoHotKey (AHK), which at the time of creation proves to be quite evasive. …☆110Jul 21, 2025Updated 7 months ago
- A repository of my own Sigma detection rules.☆163Nov 25, 2025Updated 3 months ago
- Hijack a slack bot to phish your way in☆57Jul 17, 2025Updated 8 months ago
- Repository with supporting materials for Invictus Academy/Training☆44Jan 3, 2025Updated last year
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom.☆12Aug 26, 2024Updated last year
- Automated Cloud Misconfiguration Testing☆22Jun 20, 2025Updated 9 months ago
- Persist like a Dodder☆68May 19, 2025Updated 10 months ago
- 🖥️ Windows 🚀 A Windows tool for emergency privacy: instantly deletes sensitive data and active logins to protect my information during …☆54Jan 26, 2026Updated last month
- Collection of example YARA-L rules for use within Google Security Operations☆477Dec 5, 2025Updated 3 months ago
- The CrowdStrike Falcon SDK for Python☆478Jan 1, 2026Updated 2 months ago
- TrailAlerts is a AWS-native, serverless cloud-detection tool that lets you define simple rules as code and get rich alerts about events i…☆51Nov 9, 2025Updated 4 months ago
- Velociraptor Server hosted in Azure App Service☆59Jun 4, 2025Updated 9 months ago
- A framework for developing alerting and detection strategies for incident response.☆850Sep 8, 2025Updated 6 months ago