Projects
LOOBins (Living Off the Orchard: macOS Binaries)
Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in “living off the land” macOS binaries and how they can be used by threat actors for malicious purposes.
Awesome Detection Engineering
A curated list of tools and resources for Threat Detection Engineers.
Practical Detection-as-Code
An example of how to deploy a Detection-as-Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
ATT&CK Navigator Layer Generator
A Python CLI utility for quickly converting a list or text file of MITRE ATT&CK parent technique IDs to a MITRE ATT&CK Navigator layer .JSON file.