Search Results for "community detection algorithm"

AzureAD-Attack-Defense is a community-maintained playbook that collects common attack scenarios against Microsoft Entra ID (formerly Azure Active Directory) together with detection and mitigation guidance. The repository is organized into focused chapters — for example: Password Spray, Consent Grant, Service Principals in Azure DevOps, Entra Connect Sync Service Account, Replay of Primary Refresh Token (PRT), Entra ID Security Config Analyzer, and Adversary-in-the-Middle — each written to explain the attack, show detection approaches, and recommend mitigation steps. ...

This project explores USB device emulation attacks—commonly called BadUSB—by demonstrating how commodity USB hardware can impersonate keyboards, network adapters, or storage devices to perform scripted actions on a host. It typically contains firmware examples, payloads, and explanations showing how a device presenting as a Human Interface Device (HID) can inject keystrokes, open shells, or orchestrate data exfiltration when plugged into a machine. The codebase is frequently intended for...

...It is aimed primarily at defenders, incident responders, and security researchers who need a consolidated reference to understand common bypass vectors and to validate detection logic. The repository emphasizes defensive use—helping blue teams craft allow-list policies, create detection rules, and test policy hardening in isolated lab environments—rather than offensive exploitation.

sysmon-modular is a community-driven repository that provides a modular, production-ready set of Sysmon configuration modules designed to be easily composed and tuned for different environments. The project organizes detection logic into per-event modules (for example, process creation, file create, network connection, registry events, image load, and many more) so operators can pick and choose which rules to enable without editing a monolithic XML by hand.

Security‑Datasets is a community-driven repository maintained by the Open Threat Research Forge (OTRF) that curates publicly available malicious and benign datasets for threat-hunting, machine learning, event analysis, and cybersecurity research. Datasets include Windows events, logs, alerts, and simulated attack data to support detection engineering and academic research.