Signature engine for all your logs
☆172Nov 13, 2023Updated 2 years ago
Alternatives and similar repositories for gene
Users that are interested in gene are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆42Sep 16, 2022Updated 3 years ago
- Open Source EDR for Windows☆1,309Feb 25, 2023Updated 3 years ago
- A modern Python-3-based alternative to RegRipper☆215May 12, 2026Updated last month
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆827May 30, 2026Updated last month
- An Active Defense and EDR software to empower Blue Teams☆1,334Mar 31, 2026Updated 3 months ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- ☆172Nov 11, 2022Updated 3 years ago
- Query and report user logons relations from MS Windows Security Events☆243Aug 9, 2018Updated 7 years ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.☆944Dec 12, 2023Updated 2 years ago
- Sysmon EDR POC Build within Powershell to prove ability.☆227May 1, 2021Updated 5 years ago
- Windows Events Attack Samples☆2,586Jan 24, 2023Updated 3 years ago
- Yet another registry parser☆138Apr 15, 2022Updated 4 years ago
- Collection of Event ID ressources useful for Digital Forensics and Incident Response☆660Jun 19, 2024Updated 2 years ago
- Reconstruct process trees from event logs☆148Aug 12, 2020Updated 5 years ago
- An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree…☆60Jan 30, 2018Updated 8 years ago
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- 16,432 Free Yara rules created by☆391Jun 1, 2019Updated 7 years ago
- Actionable analytics designed to combat threats☆1,011May 25, 2022Updated 4 years ago
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.☆43Jul 18, 2022Updated 3 years ago
- Sysmon Tools for PowerShell☆233Aug 17, 2018Updated 7 years ago
- A Python library to help with some common threat hunting data analysis operations☆142Apr 23, 2023Updated 3 years ago
- PowerShell No Agent Hunting☆111Apr 23, 2018Updated 8 years ago
- Detection Ideas & Rules repository.☆179Sep 10, 2021Updated 4 years ago
- Test Blue Team detections without running any attack.☆272May 2, 2024Updated 2 years ago
- Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.☆1,347Dec 13, 2022Updated 3 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Tools for the Computer Incident Response Team☆152Apr 17, 2017Updated 9 years ago
- Repository of YARA rules made by Trellix ATR Team☆627Mar 18, 2025Updated last year
- Invoke-LiveResponse☆152Feb 22, 2022Updated 4 years ago
- Digital Forensics artifact repository☆1,244May 16, 2026Updated last month
- DFIRTrack - The Incident Response Tracking Application☆536Jan 13, 2026Updated 5 months ago
- SysmonX - An Augmented Drop-In Replacement of Sysmon☆220Sep 17, 2019Updated 6 years ago
- A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.☆390May 11, 2022Updated 4 years ago
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts☆1,188Jul 26, 2023Updated 2 years ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆92Mar 11, 2026Updated 3 months ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Automating forensic data extraction, reduction, and overall triage of cold disk and memory images.☆21Mar 12, 2019Updated 7 years ago
- Threat intelligence and threat detection indicators (IOC, IOA)☆52Nov 27, 2020Updated 5 years ago
- Re-play Security Events☆1,776Mar 20, 2024Updated 2 years ago
- Open-source framework to detect outliers in Elasticsearch events☆203May 22, 2023Updated 3 years ago
- YARA signature and IOC database for my scanners and tools☆2,988Jun 17, 2026Updated 2 weeks ago
- Look into EDR events from network☆25Nov 20, 2025Updated 7 months ago
- Utilities for Sysmon☆1,650Apr 4, 2026Updated 3 months ago