Skip to content
View rams3sh's full-sized avatar
62 followers · 268 following

Achievements

Achievement: YOLOAchievement: Pull Sharkx2Achievement: Arctic Code Vault ContributorAchievement: Starstruckx2

Achievements

Achievement: YOLOAchievement: Pull Sharkx2Achievement: Arctic Code Vault ContributorAchievement: Starstruckx2

Block or report rams3sh

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
Stars

Detection Engineering

34 repositories

palantir / alerting-detection-strategy-framework

A framework for developing alerting and detection strategies for incident response.

827 133 Updated Sep 8, 2025

redcanaryco / atomic-red-team

Small and highly portable detection tests based on MITRE's ATT&CK.

C 11,406 3,035 Updated Dec 22, 2025

infosecB / awesome-detection-engineering

Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifyin…

1,098 109 Updated Dec 19, 2025

DataDog / stratus-red-team

☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud

Go 2,216 276 Updated Dec 11, 2025

matanolabs / matano

Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS

Rust 1,642 124 Updated Jan 8, 2025

splunk / security_content

Splunk Security Content

Python 1,542 433 Updated Dec 23, 2025

DataDog / threatest

Threatest is a CLI and Go framework for end-to-end testing threat detection rules.

Go 336 25 Updated Apr 29, 2025

mitre / caldera

Automated Adversary Emulation Platform

Python 6,630 1,269 Updated Dec 22, 2025

airbnb / streamalert

StreamAlert is a serverless, realtime data analysis framework which empowers you to ingest, analyze, and alert on data from any environment, using datasources and alerting logic you define.

Python 2,888 328 Updated Oct 23, 2023

fleetdm / fleet

Open device management

Go 5,863 746 Updated Dec 25, 2025

jordanpotti / rt-reading

List of Red Team Resources

17 2 Updated Jun 16, 2020

k-bailey / detection-engineering-maturity-matrix

98 13 Updated Sep 16, 2022

brexhq / substation

Substation is a toolkit for routing, normalizing, and enriching security event and audit logs.

Go 389 27 Updated Aug 5, 2025

0x4D31 / detection-and-response-pipeline

✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The purpose is to create a reference hub for designing effective…

286 24 Updated Feb 5, 2024

tuckner / automation-capability-matrix

A tool that allows you to document and assess any security automation in your SOC

TypeScript 48 4 Updated Oct 31, 2024

center-for-threat-informed-defense / sensor-mappings-to-attack

Sensor Mappings to ATT&CK is a collection of resources to assist cyber defenders with understanding which sensors and events can help detect real-world adversary behaviors in their environments.

Python 50 4 Updated Jun 21, 2025

pain0x0 / awesome-incident-response

25 8 Updated Jan 4, 2023

digitalisx / awesome-memory-forensics

A curated list of awesome Memory Forensics for DFIR

507 62 Updated Feb 19, 2025

unknownhad / CloudIntel

This repo contains IOC, malware and malware analysis associated with Public cloud

249 21 Updated Nov 11, 2024

jshlbrd / detection-engineering-pocket-guide

pocket guide for core detection engineering concepts

31 2 Updated May 8, 2023

hslatman / awesome-threat-intelligence

A curated list of Awesome Threat Intelligence resources

9,522 1,635 Updated Dec 15, 2025

cyb3rxp / awesome-soc

A collection of sources of documentation, as well as field best practices, to build/run a SOC

1,594 247 Updated Dec 23, 2025

elastic / detection-rules

Python 2,453 614 Updated Dec 24, 2025

cyberdefensematrix / cyberdefensematrix.github.io

Cyber Defense Matrix Public Website

CSS 8 Updated Nov 12, 2025

BushidoUK / Open-source-tools-for-CTI

Public Repository of Open Source Tools for Cyber Threat Intelligence Analysts and Researchers

754 131 Updated Nov 9, 2025

GACWR / OpenUBA

A robust, and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security I…

Python 462 264 Updated Apr 25, 2024

unit8co / darts

A python library for user-friendly forecasting and anomaly detection on time series.

Python 9,113 977 Updated Dec 23, 2025

fabacab / awesome-cybersecurity-blueteam

💻🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.

5,047 757 Updated Jul 15, 2024

tsale / EDR-Telemetry

This project aims to compare and evaluate the telemetry of various EDR products.

Python 1,911 191 Updated Nov 29, 2025

rabobank-cdc / DeTTECT

Detect Tactics, Techniques & Combat Threats

SCSS 2,249 346 Updated Oct 29, 2025