Stars
Online resources related to Detection Engineering. Detection rules, detection logic, attack samples, detection tests and emulation tools, logging configuration and best practices, event log refere…
Queries an LLM to assess whether a process' command-line argument (CLA) appears malicious
📄 Configuration files that enhance Cursor AI editor experience with custom rules and behaviors
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️
Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.
✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The purpose is to create a reference hub for designing effective…
Learning English through the method of constructing sentences with conjunctions
KQL Queries. Microsoft Defender, Microsoft Sentinel
A ready-to-use containerized cybersecurity lab for simulating attacks (Red Team) and defenses (Blue Team) using Caldera and Splunk.
A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk
A highly customizable macOS status bar replacement
The Elastic stack (ELK) powered by Docker and Compose.
✨ Innovative and open-source visualization application that transforms various data formats, such as JSON, YAML, XML, CSV and more, into interactive graphs.
Docker container for managing Nginx proxy hosts with a simple, powerful interface
The best IP Toolbox. Easy to check what your IPs are, IP geolocation, check for DNS leaks, examine WebRTC connections, speed test, ping test, MTR test, check website availability, whois search and mo…
Improve your Threat Intelligence detection by sending the observed data of your Splunk to your OpenCTI platform
A Splunk app with saved reports derived from Sigma rules
Domain SSL certificate monitoring platform with automatic SSL certificate application and renewal. Domain and SSL Cert monitor System.
FortiEDR Threat Intelligence Database. ThreatFox Threat Intelligence Database Integration with FortiEDR
An open-source Python package intended to help with interacting with the FortiEDR API.
An open-source Sigma conversion tool built using pySigma
The open-source AIOps and alert management platform
🚀 A self-hostable personal dashboard built for you. Includes status-checking, widgets, themes, icon packs, a UI editor and tons more!
⚙️ NGINX config generator on steroids 💉