Detection Resources

• KQL
• Backlog
• Living off the land
• Detections
• Threat hunting
• Research / Blogs
• Simulation

Guides & Processes

https://github.com/palantir/alerting-detection-strategy-framework/blob/master/ADS-Examples/001-Little-Snitch-Discovery-Behavior.md

https://github.com/darkquasar/AIMOD2

Intelligence to Risk Framework

https://blog.palantir.com/alerting-and-detection-strategy-framework-52dc33722df2

https://hockeyinjune.medium.com/security-operations-framework-2b63840a1128

https://docs.google.com/presentation/d/1dkrldTTlN3La-OjWtkWJBb4hVk6vfsSMBFBERs6R8zA/edit#slide=id.g26b44710fe_0_166

https://www.nojones.net/cloud-security-resources

https://github.com/mdecrevoisier/Windows-auditing-baseline

Awesomes

https://github.com/0x4D31/awesome-threat-detection?tab=readme-ov-file#detection-rules

‣

https://github.com/st0pp3r/Awesome-Detection-Engineer

General

https://explainshell.com/explain?cmd=nc+-nlvp+1234

https://detect.fyi/

https://www.vx-underground.org/

https://www.detectionengineering.net/

https://tldrsec.com/

Miscellaneous

https://www.joesandbox.com/#windows

https://how2itsec.blogspot.com/2025/03/windows-persistence-map-v01.html?m=1&s=09