Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel.
☆326 (Sep 27, 2024; updated last year)
Alternatives and similar repositories for kestrel-lang
Users that are interested in kestrel-lang are comparing it to the libraries listed below.
- This repository hosts community contributed Kestrel huntflows (.hf) and huntbooks (.ipynb) (☆37; Jan 2, 2024; updated 2 years ago)
- This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return resul… (☆262; Apr 8, 2026; updated last week)
- This repository hosts community contributed Kestrel analytics (☆18; May 28, 2024; updated last year)
- Firepit - STIX Columnar Storage (☆18; Jun 5, 2024; updated last year)
- OCA-wide documentation shared by all sub-projects and repositories (☆33; Oct 31, 2024; updated last year)
- Kestrel Jupyter Notebook Kernel (☆10; Oct 19, 2023; updated 2 years ago)
- Posture Attribute Collection and Evaluation (☆23; Jun 20, 2023; updated 2 years ago)
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL (Kusto Query Language). (☆808; Jan 14, 2026; updated 3 months ago)
- Open Source Security Events Metadata (OSSEM) (☆1,289; Feb 27, 2023; updated 3 years ago)
- Augmentation to Machine Readable CTI (☆39; Sep 9, 2025; updated 7 months ago)
- Detection Ideas & Rules repository. (☆178; Sep 10, 2021; updated 4 years ago)
- Re-play Security Events (☆1,734; Mar 20, 2024; updated 2 years ago)
- Actionable analytics designed to combat threats (☆1,006; May 25, 2022; updated 3 years ago)
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm. (☆209; Jul 21, 2022; updated 3 years ago)
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts (☆1,178; Jul 26, 2023; updated 2 years ago)
- Detect Tactics, Techniques & Combat Threats (☆2,277; Jan 21, 2026; updated 2 months ago)
- The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin… (☆154; Apr 25, 2022; updated 3 years ago)
- Microsoft Threat Intelligence Security Tools (☆1,955; Mar 25, 2026; updated 3 weeks ago)
- STIX 2 Fake Data Generator (☆11; Oct 17, 2024; updated last year)
- Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation o… (☆1,164; Apr 1, 2026; updated 2 weeks ago)
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs (☆801; Apr 6, 2026; updated last week)
- A Python library to help with some common threat hunting data analysis operations (☆142; Apr 23, 2023; updated 2 years ago)
- A script to create and assign SOP tasks into the cases (☆20; Aug 16, 2020; updated 5 years ago)
- Main Sigma Rule Repository (☆10,309; Apr 1, 2026; updated 2 weeks ago)
- OSSEM Detection Model (☆184; Oct 11, 2022; updated 3 years ago)
- OCSF Schema (☆805; updated this week)
- Sighting DB is designed to scale writing and reading a count of attributes, tracking when it was first and last seen (☆17; Apr 11, 2024; updated 2 years ago)
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e… (☆4,534; Jan 12, 2026; updated 3 months ago)
- An open-source command-line tool for cybersecurity reporting automation and a configuration language for reusable templates. Reporting-as… (☆68; Jul 6, 2025; updated 9 months ago)
- Windows Events Attack Samples (☆2,541; Jan 24, 2023; updated 3 years ago)
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis… (☆2,513; Jan 12, 2026; updated 3 months ago)
- Collection of Jupyter Notebook for Threat Hunting and Blue Team Purposes (☆22; Jun 15, 2022; updated 3 years ago)
- Sublime rules for email attack detection, prevention, and threat hunting. (☆354; updated this week)
- TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE AT… (☆557; May 6, 2025; updated 11 months ago)
- Your Everyday Threat Intelligence (☆1,967; Apr 6, 2026; updated last week)
- This content is analysis and research of the data sources currently listed in ATT&CK. (☆412; Sep 13, 2023; updated 2 years ago)
- Misc Threat Hunting Resources (☆377; Jan 26, 2023; updated 3 years ago)
- Open-source framework to detect outliers in Elasticsearch events (☆205; May 22, 2023; updated 2 years ago)