Built by Defenders,
for Defenders
Created by former threat researchers and security analysts, cited by CISA and Microsoft in security guidance on abused admin tools and vulnerable drivers.
We believe intelligence should be free. Our open-source projects are actively developed so teams can adopt and detect immediately. When the community levels up together, the entire industry benefits.
Our goal is to eliminate entire threat vectors where possible and remove tools from attackers. #ThisEndsWithUs. We welcome contributions and feedback, join the community on GitHub.
See how this research powers our product on the threat intelligence page.
The Projects the Industry
Relies On
Open-source intelligence projects referenced by CISA, Microsoft, and security teams worldwide. The research DNA behind every MagicSword policy.
LOLDrivers
Living Off The Land Drivers is a curated list of Windows drivers used by adversaries to bypass security controls and carry out attacks. The project helps security professionals stay informed and mitigate potential threats.
Sigconverter
sigconverter.io is a user-friendly converter for Sigma rules. Designed to stay in sync with pySigma backends, it provides an easy-to-use interface for converting Sigma rules across detection platforms.
LOLRMM
Living Off The Land Remote Management Tools is a curated list of RMM tools that could be abused by threat actors. Assists security professionals in threat hunting, detection, and prevention policy creation.
Bootloaders
bootloaders.io is a curated list of known malicious bootloaders for various operating systems. The project aims to assist security professionals in staying informed and mitigating potential threats associated with bootloaders.