detection-rules topic

List detection-rules repositories

SigmaFilterCheck

12
Stars
1
Forks
Watchers

Check Sigma rules for easy-to-bypass whitelists to make them more robust (https://github.com/Neo23x0/sigma)

verified publisher icon Karneades

thiri-notebook

152
Stars
15
Forks
Watchers

The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat hunting rules.

verified publisher icon mandiant

web_exploit_detector

89
Stars
36
Forks
Watchers

The Web Exploit Detector is a Node.js application used to detect possible infections, malicious code and suspicious files in web hosting environments

verified publisher icon polaris64

awesomekql

45
Stars
5
Forks
Watchers

Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs

verified publisher icon cylaris

sublime-platform

148
Stars
12
Forks
Watchers

A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and control, hunt for advanced threats, collaborate with the community,...

verified publisher icon sublime-security

ThreatHunting-Keywords-sigma-rules

40
Stars
4
Forks
Watchers

Sigma detection rules for hunting with the threathunting-keywords project

verified publisher icon mthcht

marble

128
Stars
8
Forks
Watchers

Marble - the real time decision engine for fraud and AML

verified publisher icon checkmarble

DefenderATPQueries

47
Stars
5
Forks
Watchers

Hunting Queries for Defender ATP

verified publisher icon 0xAnalyst