Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
Updated Jan 4, 2024 - Python
Splunk Security Content
SIEGMA - Transform Sigma rules into SIEM consumables
attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage
A pySigma wrapper and langchain toolkit for automatic rule creation/translation
🧰 ESXi Testing Toolkit is a command-line utility designed to help security teams test ESXi detections.
Automatic detection engineering technical state compliance
Sigma detection rules for hunting with the threathunting-keywords project
An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
A pySigma wrapper to manage detection rules.
A POC to implement Detection-as-Code with Terraform and Sumo Logic.
A Python-native Detection as Code Framework
🔭 Threat report analysis via LLM and Vector DB
A command line tool that takes a txt file containing threat intelligence and turns it into a detection rule.
Machine learning notebooks using cybersecurity data
A Python CLI utility for quickly converting a list or text file of MITRE ATT&CK technique IDs to a MITRE ATT&CK Navigator layer .JSON file.
Updated Sigma2KQL script written by @CodeByHarri + Generating Analytics & Hunting Rules ready for Sentinel Deployment
Cloud-DART is a comprehensive repository that provides Standard Operating Procedures (SOPs), Jupyter Notebooks, and code blocks for detection and response in cloud environments. This repository is designed to assist security professionals in automating and enhancing their cloud security posture.
De-facto parent tenant for Carbon Black Enterprise EDR
Repo for my detection rules in system relative formatting