Signature engine for all your logs
☆172Nov 13, 2023Updated 2 years ago
Alternatives and similar repositories for gene
Users that are interested in gene are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆42Sep 16, 2022Updated 3 years ago
- Open Source EDR for Windows☆1,296Feb 25, 2023Updated 3 years ago
- A modern Python-3-based alternative to RegRipper☆208Mar 31, 2025Updated 11 months ago
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆791Mar 14, 2026Updated last week
- An Active Defense and EDR software to empower Blue Teams☆1,315Aug 10, 2023Updated 2 years ago
- ☆171Nov 11, 2022Updated 3 years ago
- Query and report user logons relations from MS Windows Security Events☆243Aug 9, 2018Updated 7 years ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.☆938Dec 12, 2023Updated 2 years ago
- Sysmon EDR POC Build within Powershell to prove ability.☆223May 1, 2021Updated 4 years ago
- Windows Events Attack Samples☆2,526Jan 24, 2023Updated 3 years ago
- Yet another registry parser☆137Apr 15, 2022Updated 3 years ago
- Collection of Event ID ressources useful for Digital Forensics and Incident Response☆644Jun 19, 2024Updated last year
- Reconstruct process trees from event logs☆147Aug 12, 2020Updated 5 years ago
- An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree…☆60Jan 30, 2018Updated 8 years ago
- 16,432 Free Yara rules created by☆391Jun 1, 2019Updated 6 years ago
- Actionable analytics designed to combat threats☆1,005May 25, 2022Updated 3 years ago
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.☆44Jul 18, 2022Updated 3 years ago
- Sysmon Tools for PowerShell☆233Aug 17, 2018Updated 7 years ago
- A Python library to help with some common threat hunting data analysis operations☆142Apr 23, 2023Updated 2 years ago
- PowerShell No Agent Hunting☆111Apr 23, 2018Updated 7 years ago
- Detection Ideas & Rules repository.☆178Sep 10, 2021Updated 4 years ago
- Test Blue Team detections without running any attack.☆272May 2, 2024Updated last year
- Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.☆1,341Dec 13, 2022Updated 3 years ago
- Tools for the Computer Incident Response Team☆150Apr 17, 2017Updated 8 years ago
- Repository of YARA rules made by Trellix ATR Team☆627Mar 18, 2025Updated last year
- Invoke-LiveResponse☆150Feb 22, 2022Updated 4 years ago
- Digital Forensics artifact repository☆1,217Feb 11, 2026Updated last month
- DFIRTrack - The Incident Response Tracking Application☆534Jan 13, 2026Updated 2 months ago
- SysmonX - An Augmented Drop-In Replacement of Sysmon☆216Sep 17, 2019Updated 6 years ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆88Mar 11, 2026Updated last week
- A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.☆388May 11, 2022Updated 3 years ago
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts☆1,174Jul 26, 2023Updated 2 years ago
- Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists☆35Jan 8, 2026Updated 2 months ago
- Automating forensic data extraction, reduction, and overall triage of cold disk and memory images.☆21Mar 12, 2019Updated 7 years ago
- Threat intelligence and threat detection indicators (IOC, IOA)☆52Nov 27, 2020Updated 5 years ago
- Re-play Security Events☆1,728Mar 20, 2024Updated 2 years ago
- Utilities for Sysmon☆1,577Sep 21, 2025Updated 6 months ago
- YARA signature and IOC database for my scanners and tools☆2,884Mar 9, 2026Updated 2 weeks ago
- Open-source framework to detect outliers in Elasticsearch events☆205May 22, 2023Updated 2 years ago