threatest
Threat tester
Tools for testing and verifying threat detection rules
Threatest is a CLI and Go framework for end-to-end testing of threat detection rules.
319 stars
13 watching
22 forks
Language: Go
last commit: 11 months ago
continuous-security, detection-engineering, security-automation, threat-detection
Related projects:
Repository | Description | Stars |
---|---|---|
gossithedog/threathunting | Tools and rules for detecting malicious domain calls in endpoint malware | 568 |
jheise/threatcmd | A command-line interface to query threat intelligence data from ThreatCrowd.org | 19 |
threatgrid/jq-go | A Go language binding for the JQ JSON filter library | 22 |
center-for-threat-informed-defense/adversary_emulation_library | Provides a collection of plans to test defenses against real-world cyber threats. | 1,726 |
datadog/guarddog | A tool to identify malicious software packages by analyzing their source code and metadata. | 617 |
inquest/threatingestor | Extracts and aggregates threat intelligence from various sources | 831 |
gotestyourself/gotest.tools | Tools to augment Go testing and support common testing patterns | 518 |
a3sal0n/cyberthreathunting | A collection of tools and resources for threat hunters to identify and respond to cyber threats. | 856 |
sk4la/plast | A modular threat-hunting tool framework for detecting indicators of compromise in incident-response operations. | 17 |
cluster25/detection | A collection of threat detection rules written in YARA | 13 |
threatexpress/red-team-scripts | A collection of tools and scripts used by red teamers to gather information about compromised systems. | 1,114 |
owasp/pytm | Automates threat modeling and documentation for software systems. | 919 |
threathuntingproject/threathunting | An informational repository providing resources and knowledge for detecting adversaries in IT environments. | 1,721 |
thalesgroup-cert/watcher | Automated platform for discovering and analyzing cybersecurity threats targeting an organization | 862 |
binarydefense/goatrider | Tool to compare IP addresses or hostnames to threat intelligence feeds and detect potential security threats. | 138 |