threatest
Threat tester
Tools for testing and verifying threat detection rules
Threatest is a CLI and Go framework for end-to-end testing threat detection rules.
319 stars
13 watching
22 forks
Language: Go
last commit: 11 months ago continuous-securitydetection-engineeringsecurity-automationthreat-detection
Related projects:
| Repository | Description | Stars |
|---|---|---|
 gossithedog/threathunting | Tools and rules for detecting malicious domain calls in endpoint malware | 568 |
 jheise/threatcmd | A command-line interface to query threat intelligence data from ThreatCrowd.org | 19 |
 threatgrid/jq-go | A Go language binding for the JQ JSON filter library | 22 |
 center-for-threat-informed-defense/adversary_emulation_library | Provides a collection of plans to test defenses against real-world cyber threats. | 1,723 |
| datadog/guarddog | A tool to identify malicious software packages by analyzing their source code and metadata. | 617 |
 inquest/threatingestor | Extracts and aggregates threat intelligence from various sources | 831 |
 gotestyourself/gotest.tools | Tools to augment Go testing and support common testing patterns | 518 |
 a3sal0n/cyberthreathunting | A collection of tools and resources for threat hunters to identify and respond to cyber threats. | 855 |
 sk4la/plast | A modular threat-hunting tool framework for detecting indicators of compromise in incident-response operations. | 17 |
 cluster25/detection | A collection of threat detection rules written in YARA | 13 |
 threatexpress/red-team-scripts | A collection of tools and scripts used by red teamers to gather information about compromised systems. | 1,114 |
 owasp/pytm | Automates threat modeling and documentation for software systems. | 919 |
 threathuntingproject/threathunting | An informational repository providing resources and knowledge for detecting adversaries in IT environments. | 1,722 |
 thalesgroup-cert/watcher | Automated platform for discovering and analyzing cybersecurity threats targeting an organization | 862 |
 binarydefense/goatrider | Tool to compare IP addresses or hostnames to threat intelligence feeds and detect potential security threats. | 138 |