0xrawsec / whidsLinks
Open Source EDR for Windows
☆1,277Updated 2 years ago
Alternatives and similar repositories for whids
Users that are interested in whids are comparing it to the libraries listed below
Sorting:
- Elastic Security detection content for Endpoint☆1,306Updated last week
- An Active Defense and EDR software to empower Blue Teams☆1,305Updated 2 years ago
- APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the …☆1,381Updated 11 months ago
- ☆553Updated last year
- Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detection…☆856Updated 3 years ago
- Defences against Cobalt Strike☆1,290Updated 3 years ago
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆749Updated 6 months ago
- ☆1,112Updated last year
- Repository of YARA rules made by Trellix ATR Team☆613Updated 7 months ago
- Automatically created C2 Feeds☆648Updated this week
- Utilities for Sysmon☆1,551Updated last month
- Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder](https://github.com/redcanaryco/atomic-red…☆968Updated last month
- ReversingLabs YARA Rules☆865Updated last week
- Sophos-originated indicators-of-compromise from published reports☆633Updated 2 months ago
- A collection of red team and adversary emulation resources developed and released by MITRE.☆522Updated 4 years ago
- ☆513Updated last year
- Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.☆592Updated 9 months ago
- Ransomware simulator written in Golang☆451Updated 3 years ago
- Threat Intel IoCs + bits and pieces of dark matter☆419Updated 4 months ago
- Collaborative Malware Analysis Platform at Scale☆761Updated last week
- This project aims to compare and evaluate the telemetry of various EDR products.☆1,845Updated this week
- Windows Events Attack Samples☆2,433Updated 2 years ago
- ☆793Updated 2 years ago
- Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups☆717Updated 2 years ago
- ☆2,152Updated 2 years ago
- Standard collection of rules for capa: the tool for enumerating the capabilities of programs☆638Updated this week
- Cuckoo3 is a Python 3 open source automated malware analysis system.☆772Updated 4 months ago
- PCAP Samples for Different Post Exploitation Techniques☆366Updated 4 years ago
- Scan files or process memory for CobaltStrike beacons and parse their configuration☆917Updated 4 years ago
- A utility to safely generate malicious network traffic patterns and evaluate controls.☆1,336Updated last year