← 返回首页
detection-engineering · GitHub Topics · GitHub
Skip to content

Navigation Menu

Toggle navigation
Sign in
Appearance settings
Search or jump to...

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Saved searches

Use saved searches to filter your results more quickly

Appearance settings
Resetting focus
#

detection-engineering

Here are 992 public repositories matching this topic...

Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.

  • Updated Jan 4, 2024
  • Python

Windows Events Attack Samples

  • Updated Jan 24, 2023
  • HTML

Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS

  • Updated Jan 8, 2025
  • Rust

Splunk Security Content

  • Updated Jul 8, 2026
  • Python

Open-source AI-powered Security Operations Center — alert fusion, purple-team drills, agent-assisted triage, MITRE ATT&CK investigation. MIT-licensed, self-hostable.

  • Updated Jul 6, 2026
  • Python

A resource containing all the tools each ransomware gangs uses

  • Updated Jun 21, 2026

Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying malicious or unauthorized activity before it negatively impacts an individual or an organization.

  • Updated Jun 18, 2026

Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.

  • Updated Jun 27, 2025
  • Go

PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monitored Windows environments

  • Updated Feb 23, 2026
  • C#

Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).

  • Updated Jan 14, 2026
  • Jupyter Notebook

Pipelined Query Language

  • Updated Jan 2, 2025
  • Go

MCP to help Defenders Detection Engineer Harder and Smarter

  • Updated Jun 16, 2026
  • TypeScript

Open-source cross-platform endpoint detection engine for Windows, macOS, and Linux using ETW, ESF, eBPF, Sigma, YARA, IOCs, and ECS NDJSON alerts.

  • Updated Jul 6, 2026
  • Rust

A flexible threat detection platform that simplifies rule management and deployment using K8s CronJob and Helm, but can also run standalone or with other job schedulers like Nomad.

  • Updated Oct 1, 2024
  • Go

Misc Threat Hunting Resources

  • Updated Jan 26, 2023

Threatest is a CLI and Go framework for end-to-end testing threat detection rules.

  • Updated Jul 6, 2026
  • Go
Load more…

Improve this page

Add a description, image, and links to the detection-engineering topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the detection-engineering topic, visit your repo's landing page and select "manage topics."

Learn more

Footer

© 2026 GitHub, Inc.