threatest
Threat tester
Tools for testing and verifying threat detection rules
Threatest is a CLI and Go framework for end-to-end testing threat detection rules.
322 stars
13 watching
22 forks
Language: Go
last commit: about 1 year ago continuous-securitydetection-engineeringsecurity-automationthreat-detection
Related projects:
| Repository | Description | Stars |
|---|---|---|
 gossithedog/threathunting | Tools and rules for detecting malicious domain calls in endpoint malware | 570 |
 jheise/threatcmd | A command-line interface to query threat intelligence data from ThreatCrowd.org | 19 |
 threatgrid/jq-go | A Go language binding for the JQ JSON filter library | 22 |
 center-for-threat-informed-defense/adversary_emulation_library | Provides a collection of plans to test defenses against real-world cyber threats. | 1,737 |
| datadog/guarddog | A tool to identify malicious software packages by analyzing their source code and metadata. | 635 |
 inquest/threatingestor | Extracts and aggregates threat intelligence from various sources | 836 |
 gotestyourself/gotest.tools | Tools to augment Go testing and support common testing patterns | 518 |
 a3sal0n/cyberthreathunting | A collection of tools and resources for threat hunters to identify and respond to cyber threats. | 861 |
 sk4la/plast | A modular threat-hunting tool framework for detecting indicators of compromise in incident-response operations. | 17 |
 cluster25/detection | A collection of threat detection rules written in YARA | 13 |
 threatexpress/red-team-scripts | A collection of tools and scripts used by red teamers to gather information about compromised systems. | 1,113 |
 owasp/pytm | Automates threat modeling and documentation for software systems. | 934 |
 threathuntingproject/threathunting | An informational repository providing resources and knowledge for detecting adversaries in IT environments. | 1,726 |
 thalesgroup-cert/watcher | Automated platform for discovering and analyzing cybersecurity threats targeting an organization | 869 |
 binarydefense/goatrider | Tool to compare IP addresses or hostnames to threat intelligence feeds and detect potential security threats. | 138 |