A generic and open signature format for describing log event detections, shareable across SIEM systems.
A curated list of awesome open-source tools, detection rules, datasets, and resources for threat detection and hunting.
A community-driven open-source project that structures threat hunting workflows using MITRE ATT&CK, Jupyter notebooks, and AI-augmented planning.
A collection of 200 Windows EVTX event log samples mapped to MITRE ATT&CK techniques for detection testing and threat hunting.
An open-source repository of security detections, analytic stories, and response playbooks mapped to MITRE ATT&CK for Splunk Enterprise Security.
A curated list of resources, tools, and frameworks for detection engineering in cybersecurity.
A framework for developing rigorous, documented alerting and detection strategies to improve incident response efficacy.
A modular Linux persistence framework for security research, detection engineering, and penetration testing.
A framework for executing and detecting cloud attacker TTPs via YAML definitions, generating APIs, Sigma rules, and documentation.
A community-driven collection of pre-built security analytics queries and rules for auditing and threat detection in Google Cloud.
A curated reference hub of tools and real-world examples for designing effective threat detection and response pipelines.
A collection of Splunk SPL queries and prototypes for threat hunting and detection engineering.
An open-source repository of cybersecurity detection rules and threat identifiers for security teams to enhance threat detection capabilities.
A collection of Splunk SPL queries for detecting vulnerability exploits, malware, and MITRE ATT&CK TTPs in security logs.
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.