Main Sigma Rule Repository

Rapidly Search and Hunt through Windows Forensic Artefacts

ARL官方仓库备份项目：ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产，构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产，发现存在的薄弱点和攻击面。

ARL-Core官方仓库备份项目：集漏洞验证和漏洞利用的一个框架

arl_files备份项目

An open-source, real-time Security Information & Event Management tool based on big data technologies, providing a scalable, advanced security analytics framework.

Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

CVE-2023-33246 RocketMQ RCE Detect By Version and Exploit

Apache RocketMQ 远程代码执行漏洞(CVE-2023-33246) Exploit

Mapping the MITRE ATT&CK Matrix with Osquery

针对中国开发者，黑客的开源情报工具：名单，主要使用社交ID追踪，枚举，画像等手段，锁定潜在攻击者

langchain-ChatGLM, local knowledge based ChatGLM with langchain ｜ 基于本地知识的 ChatGLM 问答

The scanner helps to scan misconfigured reverse proxy servers and misconfigured forward proxy servers

Set of EVTX samples (>270) mapped to MITRE Att@k tactic and techniques to measure your SIEM coverage or developed new use cases.

Open Source Security Events Metadata (OSSEM)

A curated list of tools and resources that I use daily as a Purple-Team operator.

A curated list of Awesome Threat Intelligence resources

a free, open source, cross platform Intelligence gathering tool.

CSI SIEM

AHRID - Analysis Hacker's Real-ID Platform

黑客画像构建以及威胁事件的预测，通过搜集各大黑客技术论坛的聊天记录，绘制任务的拓扑图，以及技能雷达图。同时进一步预测监控攻击事件的发生以及溯源