LOLBAS, GTFOBins, and process parent-child lookups for detection engineering agents.
Verification confirms publisher identity (repo ownership), not code safety. The security scan covers known CVEs and suspicious install scripts — it cannot prove the absence of malicious code.
Machine-readable detection lookups for SIEM enrichment and AI agents. MCP-native. Stop regex-matching 200+ binaries. Enrich in one call. Feed it to your SIEM, your SOAR, your agent, or your LLM.

A collection of structured CSV lookup files purpose-built for:

- SIEM enrichment — one // replaces entire rule categories
- AI agent tooling — MCP server included, agents query detection context in real-time
- Detection automation — consistent schema, CI-updated, deploy-ready

File | Entries | OS | Description…