✨ A curated list of awesome threat detection and hunting resources 🕵️♂️
-
Updated
Jul 15, 2024
#
threat-detection
Here are 102 public repositories matching this topic...
☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud
aws
security
aws-security
cloud-security
azure-security
mitre-attack
adversary-emulation
threat-detection
purple-team
gcp-security
kubernetes-security
detection-engineering
cloud-native-security
-
Updated
Nov 11, 2024 - Go
Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure
security
authentication
authorization
api-testing
hacktoberfest
api-discovery
owasp-top-10
devsecops
security-testing
api-security
sensitive-data-exposure
threat-detection
idor
devsecops-pipeline
hacktoberfest2023
api-security-testing
-
Updated
Nov 24, 2024 - Java
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
security
django
osint
monitoring
reactjs
incident-response
phishing
webapp
cybersecurity
nltk
certificate-transparency
threat-hunting
watcher
misp
thehive
threat-intelligence
rss-bridge
certstream
threat-detection
osint-python
-
Updated
Nov 7, 2024 - Python
Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying malicious or unauthorized activity before it negatively impacts an individual or an organization.
-
Updated
Sep 18, 2024
Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).
dfir
cybersecurity
threat-hunting
threat-detection
kql
detection-engineering
kusto-language
defender-for-endpoint
microsoft-sentinel
-
Updated
Nov 22, 2024 - Jupyter Notebook
A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 Defender).
microsoft
security
sentinel
threat-hunting
threat-detection
securitycenter
kusto
kql
threat-hunt
microsoft-365
kusto-query-language
microsoft-security
microsoft-sentinel
kusto-query
microsoft-365-security
microsoft-365-defender
threat-detecting
microsoft-xdr
microsoftxdr
-
Updated
Nov 4, 2024
Threat-hunting tool for Linux
-
Updated
Nov 22, 2024 - Rust
A flexible threat detection platform that simplifies rule management and deployment using K8s CronJob and Helm, but can also run standalone or with other job schedulers like Nomad.
-
Updated
Oct 1, 2024 - Go
A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework
-
Updated
Nov 3, 2020 - PowerShell
Community Security Analytics provides a set of community-driven audit & threat queries for Google Cloud
bigquery
security
logging
gcp
google-cloud
audit-logs
network-analysis
chronicle
log-analytics
network-logs
threat-detection
security-operations
cloud-security-command-center
-
Updated
Jun 12, 2024 - Python
Threatest is a CLI and Go framework for end-to-end testing threat detection rules.
-
Updated
Dec 19, 2023 - Go
pretrained BERT model for cyber security text, learned CyberSecurity Knowledge
nlp
security
apt
transformers
cybersecurity
attention
threat-hunting
deeplearning
cyber-security
nlp-machine-learning
bert
threat-analysis
security-automation
threat-intelligence
machine-learning-security
cyber-threat-intelligence
threat-detection
transformer-encoder
bert-embeddings
deep-learning-security
-
Updated
Apr 28, 2023 - Python
Crawlector is a threat hunting framework designed for scanning websites for malicious objects.
-
Updated
Nov 24, 2023
A toolkit for Security Researchers
python
osint
scanner
cybersecurity
certificate-transparency
infosec
threat-hunting
malware-analysis
webshell
threat-analysis
threat-intelligence
certstream
threat-detection
opendir
defaced
-
Updated
Sep 2, 2019 - Python
Bypass 403
vulnerability-assessment
url-manipulation
web-application-security
threat-detection
header-injection
bypass-403
historical-analysis
http-request-analysis
payload-variations
wayback-machine-integration
security-assessment-tool
web-security-audit
web-vulnerability-detection
access-403
-
Updated
Aug 12, 2024 - Jupyter Notebook
ThreatSeeker: Threat Hunting via Windows Event Logs
-
Updated
May 16, 2023 - Python
SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and, serverless technologies to continuously prevent, detect and respond to threats.
aws
elasticsearch
data-science
machine-learning
automation
kibana
serverless
geolocation
incident-response
data-visualization
misp
aws-serverless
aws-security
security-automation
security-tools
threat-intelligence
anomaly-detection
sagemaker
threat-detection
guardduty
-
Updated
Jul 8, 2021 - Python
Threat intelligence and threat detection indicators (IOC, IOA)
-
Updated
Nov 27, 2020 - YARA
Threat Detection & Anomaly Detection rules for popular open-source components
-
Updated
Jul 27, 2022
Improve this page
Add a description, image, and links to the threat-detection topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the threat-detection topic, visit your repo's landing page and select "manage topics."