Technical resources and knowledge base for dtection.io
Updated Jun 3, 2021 - Shell
Capture all events across all logs produced during the running of a particular exploit/script. Search and filter events
A Python CLI utility for quickly converting a list or text file of MITRE ATT&CK technique IDs to a MITRE ATT&CK Navigator layer .JSON file.
An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
Microsoft Sentinel fork of Adaz 🔧 Deploy customizable Active Directory labs in Azure - automatically.
A Step by Step Guide for Cyber Security Beginners to Jump into the right path
Research, Rules, Books, Tools and more basic stuff you can get anywhere
Windows Events Attack Samples
Misc Threat Hunting Resources
Resources To Learn And Understand SIGMA Rules
attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage
SIEGMA - Transform Sigma rules into SIEM consumables
PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monitored Windows environments
Sigma Queries turned into KQL for Defender using pysigma
A POC to implement Detection-as-Code with Terraform and Sumo Logic.
Crypto Census - A One-Stop-Shop for Crypto Domain Aggregation
Simple webapp for converting Sigma rules into SIEM queries using the pySigma library
De-facto parent tenant for Carbon Black Enterprise EDR
Short deep dive into Threat Hunting on AWS
Signature engine for all your logs