A SQL-powered framework for instrumenting, monitoring, and analyzing operating systems across Linux, macOS, and Windows.
A community-driven open-source project that structures threat hunting workflows using MITRE ATT&CK, Jupyter notebooks, and AI-augmented planning.
An open-source threat hunting platform with advanced analytics capabilities built on ELK stack, Apache Spark, and Jupyter notebooks.
A collection of ready-to-use KQL queries for threat hunting, detection, and analytics in Microsoft Defender for Endpoint and Azure Sentinel.
An open source, serverless security data lake for AWS that normalizes logs, enables detection-as-code, and supports petabyte-scale threat hunting.
An open-source repository of security detections, analytic stories, and response playbooks mapped to MITRE ATT&CK for Splunk Enterprise Security.
A curated list of resources, tools, and frameworks for detection engineering in cybersecurity.
A centralized platform for security monitoring and analysis, integrating big data technologies for log aggregation, threat detection, and behavioral analytics.
A collection of IPython notebooks demonstrating data analysis and machine learning techniques on security datasets.
A data pipeline engine for security teams to collect, transform, enrich, and route telemetry data at scale.
An asynchronous forensic data presentation framework for incident response, built on Elasticsearch.
An open-source security analytics platform that integrates big data technologies for centralized security monitoring, threat detection, and investigation.
An open-source framework for detecting command and control communication through network traffic analysis using Zeek logs.
A lightweight investigation notebook for security analysts to document and track threat intelligence.
A web-based platform for organizing, automating, and analyzing password cracking tasks using Hashcat.
A community-driven collection of pre-built security analytics queries and rules for auditing and threat detection in Google Cloud.
Open-source platform for network security analytics using flow and packet analysis to detect unknown threats at cloud scale.
An open-source big data security analytics tool that analyzes network packet capture (pcap) files using Apache Pig.
A collection of Splunk SPL queries and prototypes for threat hunting and detection engineering.
A tool for data visualization and statistical analysis of threat intelligence indicator feeds to measure their quality and effectiveness.
A scalable malware processing and analytics platform built on Hadoop Pig for binary data extraction and analysis.
An open-source repository of cybersecurity detection rules and threat identifiers for security teams to enhance threat detection capabilities.
An open-source framework for developing large-scale anomaly detection models using Apache Spark.
Kibana 3 dashboard templates for visualizing Suricata IDS/IPS logs in Logstash/ELK stack.
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.