LOOBins (Living Off the Orchard: macOS Binaries)

Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in “living off the land” macOS binaries and how they can be used by threat actors for malicious purposes.

Awesome Detection Engineering Awesome

A curated list of tools and resources for Threat Detection Engineers.

Practical Detection-as-Code

An example of how to deploy a Detection-as-Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.

ATT&CK Navigator Layer Generator

A Python CLI utility for quickly converting a list or text file of MITRE ATT&CK parent technique IDs to a MITRE ATT&CK Navigator layer .JSON file.