Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics. (Python; updated Jan 4, 2024)
Splunk Security Content
SIEGMA - Transform Sigma rules into SIEM consumables
attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage
A pySigma wrapper and langchain toolkit for automatic rule creation/translation
🧰 ESXi Testing Toolkit is a command-line utility designed to help security teams test ESXi detections.
An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
Sigma detection rules for hunting with the threathunting-keywords project
Automatic detection engineering technical state compliance
The Eventlog Compendium is the go-to resource for understanding Windows Event Logs.
A pySigma wrapper to manage detection rules.
A POC to implement Detection-as-Code with Terraform and Sumo Logic.
A Python-native Detection as Code Framework
A Pythonic Detection Rules Framework
🔭 Threat report analysis via LLM and Vector DB
A command line tool that takes a txt file containing threat intelligence and turns it into a detection rule.
A Python CLI utility for quickly converting a list or text file of MITRE ATT&CK technique IDs to a MITRE ATT&CK Navigator layer .JSON file.
Machine learning notebooks using cybersecurity data
Updated Sigma2KQL script written by @CodeByHarri + Generating Analytics & Hunting Rules ready for Sentinel Deployment
An API that takes a txt file containing threat intelligence and turns it into a detection rule.