Awesome list of keywords and artifacts for Threat Hunting sessions
-
Updated
May 26, 2024 - HTML
Awesome list of keywords and artifacts for Threat Hunting sessions
Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
Machine learning notebooks using cybersecurity data
Digital Forensics Incident Response and Detection engineering: Análisis forense de artefactos comunes y no tan comunes. Técnicas anti-forense y detección de técnicas utilizadas por actores maliciosos para la evasión de sistemas de protección y monitorización.
Splunk Security Content
Anvilogic Forge
Hunting Queries for Defender ATP
🐻❄️ 🏹 Threat hunting with Polars and flaws.cloud AWS CloudTrail datasets.
The code powering RunReveal's documentation.
A pySigma wrapper and langchain toolkit for automatic rule creation/translation
Sigma detection rules for hunting with the threathunting-keywords project
yara detection rules for hunting with the threathunting-keywords project
☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud
Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise
Cloud-DART is a comprehensive repository that provides Standard Operating Procedures (SOPs), Jupyter Notebooks, and code blocks for detection and response in cloud environments. This repository is designed to assist security professionals in automating and enhancing their cloud security posture.
Purpleteam scripts simulation & Detection - trigger events for SOC detections
A collection of various SIEM rules relating to malware family groups.
Resource for all things threat detection
Add a description, image, and links to the detection-engineering topic page so that developers can more easily learn about it.
To associate your repository with the detection-engineering topic, visit your repo's landing page and select "manage topics."