detection-engineering

Applied SOC Analysis and Incident Response documentation covering endpoint forensics, network traffic analysis (PCAP), and detection engineering. Demonstrating analyst-level investigative methodology using Splunk, Wireshark, and Sysinternals.

log-analysis splunk powershell network-forensics incident-response cybersecurity wireshark siem malware-analysis digital-forensics sysinternals log-monitoring security-analysis mitre-attack security-monitoring endpoint-security security-operations detection-engineering soc-analyst

Updated Feb 7, 2026
PowerShell

conway87 / HEG-BeefEater

Star

generator log logging threat-hunting siem log-generator detection-engineering event-generator cybersecurity-tools threat-hunting-via-eventlogs log-generation siem-tools siem-home-lab

Updated Aug 21, 2024
PowerShell

ClearLotus-git / bnrp-detection

Star

LLMNR/NBT-NS Detection

detection cybersecurity defender llmnr detection-engineering nbt-ns

Updated Sep 6, 2025
PowerShell

Improve this page

Add a description, image, and links to the detection-engineering topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the detection-engineering topic, visit your repo's landing page and select "manage topics."

Learn more

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

detection-engineering

Here are 8 public repositories matching this topic...

mthcht / ThreatHunting-Keywords

mthcht / Purpleteam

crazyeights225 / WinEventLogExplorer

mf1d3l / HayabusaToWinEventLog

conway87 / HEG-3.0

denis541 / Cyber-Security-Operations-Engineering

conway87 / HEG-BeefEater

ClearLotus-git / bnrp-detection

Improve this page

Add this topic to your repo