olafhartong/detection-sources external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

olafhartong/detection-sources

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/olafhartong/detection-sources)

Close

olafhartong / detection-sourcesView on GitHubMore

• External links
• Readme badge

☆53Mar 4, 2019Updated 7 years ago

Alternatives and similar repositories for detection-sources

Users that are interested in detection-sources are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• mgreen27 / mgreen27.github.io

  View on GitHub
  Matt's DFIR blog
  ☆14Jul 28, 2025Updated 8 months ago
• pandaof / ATT-CK-and-Atomic-Red-Team

  View on GitHub
  ☆11Jun 11, 2025Updated 10 months ago
• P4T12ICK / Sigma-Hunting-App

  View on GitHub
  A Splunk App containing Sigma detection rules, which can be updated from a Git repository.
  ☆111Feb 6, 2020Updated 6 years ago
• MarkBaggett / domain_stats2

  View on GitHub
  ☆14Feb 8, 2020Updated 6 years ago
• 0xAnalyst / Sysmon

  View on GitHub
  Sysmon config for both Windows and Linux Devices. Windows one is a bit dated
  ☆55Jul 10, 2024Updated last year
• AI Agents on DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• johnbergbom / PeddleCheap

  View on GitHub
  Pcaps for PeddleCheap and implant communication + script for interpreting and decrypting pcaps.
  ☆17Nov 29, 2017Updated 8 years ago
• SecurityRiskAdvisors / TALR

  View on GitHub
  Threat Alert Logic Repository
  ☆93Feb 7, 2019Updated 7 years ago
• beahunt3r / Windows-Hunting

  View on GitHub
  ☆349Mar 19, 2021Updated 5 years ago
• aacgood / Cortex-Analyzers

  View on GitHub
  A collection of Cortex Analyzers and Responders for TheHive/Cortex
  ☆13Jan 29, 2020Updated 6 years ago
• ajackal / ir_scripts

  View on GitHub
  incident response scripts
  ☆18Mar 4, 2019Updated 7 years ago
• olafhartong / ThreatHunting

  View on GitHub
  A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
  ☆1,178Jul 26, 2023Updated 2 years ago
• atc-project / atomic-threat-coverage

  View on GitHub
  Actionable analytics designed to combat threats
  ☆1,007May 25, 2022Updated 3 years ago
• olafhartong / ATTACKdatamap

  View on GitHub
  A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework
  ☆356Nov 3, 2020Updated 5 years ago
• Th1ru-M / Windows-Threat-Hunting

  View on GitHub
  Hunt for Keywords , Mutex, Windows Event,Registry Keys,Process,Schedule tasks in Windows Machine
  ☆22Dec 8, 2024Updated last year
• Wordpress hosting with auto-scaling - Free Trial • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• OTRF / notebooks-forge

  View on GitHub
  A collection of notebooks built for defensive and offensive operations.
  ☆77Oct 13, 2020Updated 5 years ago
• ninoseki / fanger

  View on GitHub
  An npm package to defang and refang IoC
  ☆13Apr 11, 2026Updated last week
• TKCERT / sysmon-config

  View on GitHub
  Please see other maintained fork:
  ☆17Dec 4, 2025Updated 4 months ago
• olafhartong / sysmon-modular-linux

  View on GitHub
  A repository of Sysmon For Linux configuration modules
  ☆16Oct 14, 2021Updated 4 years ago
• Foundstone / InvestigationPlaybookSpec

  View on GitHub
  InvestigationPlaybookSpec
  ☆71Sep 26, 2017Updated 8 years ago
• huydhn / certstream-analytics

  View on GitHub
  certstream + analytics
  ☆11Jan 17, 2020Updated 6 years ago
• OTRF / Security-Datasets

  View on GitHub
  Re-play Security Events
  ☆1,734Mar 20, 2024Updated 2 years ago
• edoardogerosa / sentinel-attack

  View on GitHub
  Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
  ☆1,076Nov 28, 2024Updated last year
• JPCERTCC / SysmonSearch

  View on GitHub
  Investigate suspicious activity by visualizing Sysmon's event log
  ☆432Dec 22, 2023Updated 2 years ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• secgroundzero / ossem_modular

  View on GitHub
  OSSEM Modular
  ☆27Jun 29, 2020Updated 5 years ago
• jipegit / IncidentsMindMaps

  View on GitHub
  Cybersecurity Incidents Mind Maps
  ☆34Sep 29, 2021Updated 4 years ago
• endgameinc / eqllib

  View on GitHub
  ☆168Jan 20, 2021Updated 5 years ago
• jaegeral / awesome-incident-response-pro-bono

  View on GitHub
  This repository is a curated list of pro bono incident response entities.
  ☆21Jun 21, 2023Updated 2 years ago
• vector-sec / TA_ETW

  View on GitHub
  Splunk Technology Add-On (TA) for collecting ETW events from Windows systems
  ☆16Dec 8, 2022Updated 3 years ago
• Cyb3rWard0g / Invoke-ATTACKAPI

  View on GitHub
  A PowerShell script to interact with the MITRE ATT&CK Framework via its own API
  ☆370Feb 7, 2019Updated 7 years ago
• sbousseaden / EVTX-ATTACK-SAMPLES

  View on GitHub
  Windows Events Attack Samples
  ☆2,549Jan 24, 2023Updated 3 years ago
• OTRF / OSSEM-DD

  View on GitHub
  OSSEM Data Dictionaries
  ☆65Jan 22, 2025Updated last year
• redbullsecteam / intrusion-detection-wiki

  View on GitHub
  ☆11Apr 15, 2020Updated 6 years ago
• Wordpress hosting with auto-scaling - Free Trial • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• proferosec / Threat-Intelligence

  View on GitHub
  A collection of threat intelligence data such as IOC, Yara and Snort/Suricata Rules etc.
  ☆10Sep 17, 2019Updated 6 years ago
• olafhartong / sysmon-cheatsheet

  View on GitHub
  All sysmon event types and their fields explained
  ☆567Nov 13, 2021Updated 4 years ago
• RandomRhythm / mal2csv

  View on GitHub
  Malformed Access Log to CSV - Convert Web Server Access Logs to CSV
  ☆18Sep 3, 2024Updated last year
• OTRF / bloodhound-notebooks

  View on GitHub
  Notebooks created to attack and secure Active Directory environments
  ☆27Nov 18, 2019Updated 6 years ago
• sapphirex00 / Threat-Hunting

  View on GitHub
  Personal compilation of APT malware from whitepaper releases, documents and own research
  ☆265Feb 7, 2019Updated 7 years ago
• P4T12ICK / ypsilon

  View on GitHub
  Automated Use Case Testing
  ☆171May 1, 2018Updated 7 years ago
• herbiezimmerman / Windows-Event-Logs-With-Event-IDs

  View on GitHub
  A running list of Windows sources and the related event ids.
  ☆19Aug 2, 2023Updated 2 years ago