Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
Updated Jan 4, 2024 - Python
Splunk Security Content
ATHF is a framework for agentic threat hunting - building systems that can remember, learn, and act with increasing autonomy.
Mapping of open-source detection rules and atomic tests.
SIEGMA - Transform Sigma rules into SIEM consumables
attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage
A pySigma wrapper and langchain toolkit for automatic rule creation/translation
🧰 ESXi Testing Toolkit is a command-line utility designed to help security teams test ESXi detections.
An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
Sigma detection rules for hunting with the threathunting-keywords project
Automatic detection engineering technical state compliance
The Eventlog Compendium is the go-to resource for understanding Windows Event Logs.
A pySigma wrapper to manage detection rules.
A POC to implement Detection-as-Code with Terraform and Sumo Logic.
A Python-native Detection as Code Framework
Sigma Queries turned into KQL for Defender using pysigma
A Pythonic Detection Rules Framework
All-in-one ICS/SCADA hacking, red teaming, malware analysis, detection, and lab architecture cheat sheet
A repo dedicated to the ongoing development, extension and operationalisation of threat-informed defense using a combination of open source and custom-developed threat intelligence
🔠 Threat report analysis via LLM and Vector DB