A starter pack of resources to help you get started in Detection Engineering.
★ 182 · Jan 17, 2026 · Updated last month
Alternatives and similar repositories for detection-engineering-starter-pack
Users that are interested in detection-engineering-starter-pack are comparing it to the libraries listed below
- 🛡️ SIGMA Detection Engineering Platform: a comprehensive AI-powered detection engineering platform for security teams to explore MITRE AT… ★ 46 · Jun 28, 2025 · Updated 8 months ago
- Jupyter Univere is a search engine for all infosec Jupyter notebooks ★ 36 · Mar 24, 2025 · Updated 11 months ago
- Convert Sigma rules to SIEM queries, directly in your browser. ★ 111 · Jan 24, 2026 · Updated last month
- Harness the security superpowers of your cloud asset inventory ★ 11 · Sep 22, 2024 · Updated last year
- Living off the False Positive! ★ 41 · Jan 31, 2025 · Updated last year
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters … ★ 302 · Updated this week
- A catalog of services that can be publicly exposed within different cloud providers. ★ 14 · Aug 30, 2024 · Updated last year
- A repository of my own Sigma detection rules. ★ 163 · Nov 25, 2025 · Updated 3 months ago
- Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation o… ★ 1,142 · Dec 19, 2025 · Updated 2 months ago
- ★ 62 · Feb 20, 2026 · Updated last week
- PowerShell tools to help defenders hunt smarter, hunt harder. ★ 473 · Oct 29, 2025 · Updated 4 months ago
- An automated deployment tool that creates instrumented Azure environments with vulnerable systems for simulating attacks and testing Micr… ★ 62 · Jul 27, 2025 · Updated 7 months ago
- A curated list of LLM-driven cyber security resources ★ 47 · Oct 20, 2025 · Updated 4 months ago
- ★ 32 · Aug 16, 2025 · Updated 6 months ago
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL (Kusto Query Language). ★ 804 · Jan 14, 2026 · Updated last month
- Cyber Threat Intelligence ★ 78 · Dec 7, 2025 · Updated 2 months ago
- CarbonBlack EDR detection rules and response actions ★ 73 · Sep 10, 2024 · Updated last year
- Sigma queries turned into KQL for Defender using pySigma ★ 12 · Jun 20, 2024 · Updated last year
- KQL Queries. Defender for Endpoint and Azure Sentinel hunting and detection queries in KQL. Out-of-the-box KQL queries for: Advanced Hunt… ★ 1,638 · Feb 22, 2026 · Updated last week
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts and subsequent compromise ★ 68 · Apr 29, 2024 · Updated last year
- Repo for experimenting and testing MCP server builds for CTI-related research. ★ 27 · May 13, 2025 · Updated 9 months ago
- ★ 12 · Feb 9, 2025 · Updated last year
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation ★ 77 · May 21, 2024 · Updated last year
- AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE…