IOCs that appear in this repository are meant to be long-lasting indicators of compromise.

Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure

Threat-hunting tool for Linux

✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️

A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 Defender).

Mapping common adversarial TTP's against Detections & Atomics

Trend Vision One File Security Go SDK

Trend Vision One File Security Python SDK

Detection engine at scale using Apache Beam, Apache Flink, Kubernetes

An EDR server designed to monitor, detect, and respond to threats on network endpoints.

☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud

Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.

Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying malicious or unauthorized activity before it negatively impacts an individual or an organization.

Configure and deploy AWS GuardDuty.

Sigma detection rules for hunting with the threathunting-keywords project

This repository provides comprehensive guides, configurations, rules, and practical examples for Snort, the open-source intrusion detection system (IDS). Ideal for cybersecurity professionals and enthusiasts looking to enhance their network security skills.

Enhance your cybersecurity skills with comprehensive notes for SOC Analysts. Dive into security operations, incident response, threat hunting, and practical examples to bolster your expertise. Access valuable resources to level up your cybersecurity game on my GitHub repository.

Bypass 403

An SSH honeypot written entirely in Go.

Sigma Queries turned into KQL for Defender using pysigma