Online resources related to Detection Engineering. Detection rules, detection logic, attack samples, detection tests and emulation tools, logging configuration and best practices, event log references, resources, labs, data manipulation online tools, blogs, newsletters, good reads, books, trainings, podcasts, videos and twitter/x accounts.
☆158 · Mar 23, 2026 · Updated 3 weeks ago
Alternatives and similar repositories for awesome-detection-engineer
Users that are interested in awesome-detection-engineer are comparing it to the repositories listed below.
- Online resources related to SOC Analysts. Incident investigation reference material, blogs, newsletters, good reads, books, trainings, po… ☆51 · Feb 14, 2026 · Updated 2 months ago
- Repository with Hunting and Detection Queries for Microsoft Sentinel and Microsoft Defender XDR ☆17 · Nov 7, 2025 · Updated 5 months ago
- PDump is a project for dumping leaked credentials from DEHASHED ☆17 · Jan 21, 2024 · Updated 2 years ago
- Collection of different Azure/Entra focused solutions (deployable templates, Function Apps, etc.) ☆80 · Updated this week
- Sigma rules to share with the community ☆124 · Jan 29, 2025 · Updated last year
- KQL Queries ☆34 · Mar 19, 2026 · Updated 3 weeks ago
- PowerShell tools to help defenders hunt smarter, hunt harder. ☆479 · Oct 29, 2025 · Updated 5 months ago
- A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 D… ☆766 · Aug 28, 2025 · Updated 7 months ago
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters … ☆304 · Mar 19, 2026 · Updated 3 weeks ago
- Sentinel Logic Apps, Playbooks and Workbooks to automate enrichment, incident analysis and more. ☆116 · Jan 18, 2026 · Updated 2 months ago
- sKaleQL is an opinionated template repository for managing, executing, and organizing Kusto Query Language (KQL) queries against Azure Lo… ☆19 · May 20, 2025 · Updated 10 months ago
- Anvilogic Forge ☆117 · Mar 31, 2026 · Updated 2 weeks ago
- Provides an advanced baseline to implement a secure Windows auditing strategy on Windows OS. ☆67 · Feb 22, 2026 · Updated last month
- A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging Kusto queries, PowerShell scripts, tools such as … ☆456 · Feb 18, 2026 · Updated last month
- Repository documenting how Threat Intelligence and/or a Threat Intelligence Platform can prove its value to an organisation. ☆53 · Oct 23, 2024 · Updated last year
- A repository of my own Sigma detection rules. ☆165 · Nov 25, 2025 · Updated 4 months ago
- ResearchDev - XDR & SIEM Detection ☆67 · Apr 16, 2025 · Updated 11 months ago
- Repository with supporting materials for Invictus Academy/Training ☆44 · Jan 3, 2025 · Updated last year
- A small guide on Unknown/Orphaned SIDs and some PowerShell tools to help you get rid of them. ☆20 · Mar 28, 2022 · Updated 4 years ago
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL (Kusto Query Language). ☆808 · Jan 14, 2026 · Updated 3 months ago
- The Azure Hyper-V Lab makes virtualization on Azure effortless, perfect for experimenting, learning, and building proof-of-concepts. ☆15 · May 17, 2025 · Updated 10 months ago
- Repository where I hold random detection and threat hunting queries that I come up with based on different sources of information (or eve… ☆280 · Dec 20, 2025 · Updated 3 months ago
- This is a collection of threat detection rules / rules engines that I have come across. ☆298 · May 5, 2024 · Updated last year
- Sentinel Threat Intelligence Upload Toolkit ☆18 · Jul 15, 2024 · Updated last year
- YARA detection rules for hunting with the threathunting-keywords project ☆159 · May 11, 2025 · Updated 11 months ago
- Awesome list of keywords and artifacts for Threat Hunting sessions ☆653 · Aug 4, 2025 · Updated 8 months ago
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plans and so on ☆82 · Apr 27, 2024 · Updated last year
- Parser and reconciliation tooling for large Active Directory environments. ☆33 · Feb 18, 2025 · Updated last year
- Mapping of open-source detection rules and atomic tests. ☆206 · Feb 16, 2026 · Updated last month
- ADXFlowmaster helps SecOps teams threat hunt suspicious network traffic inside & outside of Azure. ☆39 · Oct 30, 2024 · Updated last year
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und… ☆130 · Apr 6, 2024 · Updated 2 years ago
- A curated collection of DFIR skills and workflows for InfoSec practitioners. ☆278 · Updated this week
- Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specifically designed to autom… ☆50 · Jan 1, 2026 · Updated 3 months ago
- MacroExploit use in Excel sheet ☆20 · Jun 12, 2023 · Updated 2 years ago
- Presentations from conferences ☆31 · Sep 14, 2024 · Updated last year
- Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation o… ☆1,164 · Apr 1, 2026 · Updated last week
- A collection of CVEs weaponized by ransomware operators ☆129 · Oct 13, 2025 · Updated 6 months ago