Alternatives and similar repositories for gene:

Users that are interested in gene are comparing it to the libraries listed below

• marcosd4h / sysmonx
  SysmonX - An Augmented Drop-In Replacement of Sysmon
  ☆212Updated 5 years ago
• CybercentreCanada / CCCS-Yara
  YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA
  ☆99Updated this week
• Neo23x0 / yaraQA
  YARA rule analyzer to improve rule quality and performance
  ☆96Updated last month
• jsecurity101 / Windows-API-To-Sysmon-Events
  A repository that maps API calls to Sysmon Event ID's.
  ☆117Updated 2 years ago
• kirk-sayre-work / ViperMonkey
  A VBA parser and emulation engine to analyze malicious macros.
  ☆93Updated this week
• sbousseaden / YaraHunts
  Random hunting ordiented yara rules
  ☆95Updated last year
• denisugarte / PowerDrive
  A tool for de-obfuscating PowerShell scripts
  ☆67Updated 5 years ago
• silence-is-best / c2db
  c2 traffic
  ☆189Updated 2 years ago
• 0xrawsec / gene-rules
  ☆39Updated 2 years ago
• Neo23x0 / sysmon-version-history
  An Inofficial Sysmon Version History (Change Log)
  ☆32Updated 4 years ago
• spyre-project / spyre
  simple YARA-based IOC scanner
  ☆166Updated this week
• endgameinc / eqllib
  ☆160Updated 4 years ago
• strozfriedberg / cobaltstrike-config-extractor
  Cobalt Strike Beacon configuration extractor and parser.
  ☆150Updated 3 years ago
• fox-it / cobaltstrike-beacon-data
  Open Dataset of Cobalt Strike Beacon metadata (2018-2022)
  ☆125Updated 2 years ago
• P4T12ICK / Sigma-Rule-Repository
  Sigma Detection Rule Repository
  ☆86Updated 4 years ago
• theflakes / reg_hunter
  Blueteam operational triage registry hunting/forensic tool.
  ☆145Updated last year
• OTRF / API-To-Event
  A repo to document API functions mapped to security events across diverse platforms
  ☆75Updated 5 years ago
• 0xAnalyst / CB-Threat-Hunting
  ☆116Updated last year
• monnappa22 / HollowFind
  Hollowfind is a Volatility plugin to detect different types of process hollowing techniques used in the wild to bypass, confuse, deflect …
  ☆132Updated 2 years ago
• dgunter / evtxtoelk
  A lightweight tool to load Windows Event Log evtx files into Elasticsearch.
  ☆115Updated 4 years ago
• mgreen27 / Invoke-LiveResponse
  Invoke-LiveResponse
  ☆146Updated 2 years ago
• sumeshi / evtx2es
  A library for fast parse & import of Windows Eventlogs into Elasticsearch.
  ☆85Updated 7 months ago
• davidpany / WMI_Forensics
  ☆297Updated 4 years ago
• mkorman90 / sysmon-config-bypass-finder
  Detect possible sysmon logging bypasses given a specific configuration
  ☆107Updated 6 years ago
• 3CORESec / S2AN
  S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator
  ☆85Updated 2 years ago
• Velocidex / evtx
  Golang Parser for Microsoft Event Logs
  ☆101Updated 3 weeks ago
• ion-storm / sysmon-edr
  Sysmon EDR POC Build within Powershell to prove ability.
  ☆219Updated 3 years ago
• MHaggis / CBR-Queries
  Collection of useful, up to date, Carbon Black Response Queries
  ☆83Updated 4 years ago
• olafhartong / detection-sources
  ☆53Updated 5 years ago
• Neo23x0 / YARA-Performance-Guidelines
  A guide on how to write fast and memory friendly YARA rules
  ☆135Updated this week