Alternatives and similar repositories for CanaryHunter:

Users that are interested in CanaryHunter are comparing it to the libraries listed below

• nyxgeek / track_the_planet
  DEFCON 31 slide deck and video link
  ☆58Updated 8 months ago
• Sam0x90 / CTI
  Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on
  ☆81Updated 10 months ago
• tsale / EDR-Telemetry-Website
  ☆74Updated this week
• BC-SECURITY / Long-Live-The-Empire
  A comprehensive workshop aimed to equip participants with an in-depth understanding of modern Command and Control (C2) concepts, focusing…
  ☆100Updated last year
• sans-blue-team / DNS-Exfiltrate
  ☆24Updated 2 years ago
• doredry / TokenFinder
  Tool to extract powerful tokens from Office desktop apps memory
  ☆70Updated last year
• AlbinoGazelle / esxi-testing-toolkit
  🧰 ESXi Testing Tookit is a command-line utility designed to help security teams test ESXi detections.
  ☆71Updated last month
• NetSPI / PowerHunt
  PowerHunt is a modular threat hunting framework written in PowerShell that leverages PowerShell Remoting for data collection on scale.
  ☆65Updated 2 months ago
• montysecurity / InfraHunter
  Actively hunt for attacker infrastructure by filtering Shodan results with URLScan data.
  ☆59Updated 7 months ago
• Neo23x0 / god-mode-rules
  God Mode Detection Rules
  ☆134Updated 6 months ago
• elementalsouls / DumpLSASS
  ☆34Updated last year
• lkarlslund / deploy-goad
  Script to install prerequisites for deploying GOAD on Ubuntu Linux 22.04
  ☆110Updated 8 months ago
• DefensiveOrigins / DO-LAB
  ☆46Updated last week
• gladstomych / AHHHZURE
  AHHHZURE is an automated deployment script that creates a vulnerable Azure cloud lab for offensive security practitioners and enthusiasts…
  ☆102Updated 10 months ago
• Qazeer / FarsightAD
  PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory …
  ☆93Updated last year
• mrobertsonris / EmailThreatHunting
  Advanced Email Threat Hunting w/ Detection as Code
  ☆50Updated last month
• tothi / smbmap
  SMBMap is a handy SMB enumeration tool - here with Kerberos support
  ☆73Updated 3 years ago
• TH3xACE / EDR-Test
  Automating EDR Testing with reference to MITRE ATTACK via Cobalt Strike [Purple Team].
  ☆148Updated last year
• Orange-Cyberdefense / graphcat
  Generate graphs and charts based on password cracking result
  ☆160Updated 2 years ago
• biffalo / easy-wins-endpoint-defense
  Collection of scripts/resources/ideas for attack surface reduction and additional logging to enable better threat hunting on Windows endp…
  ☆38Updated 10 months ago
• LuemmelSec / Custom-BloodHound-Queries
  ☆176Updated 2 months ago
• joswr1ght / basicblobfinder
  Identify Azure blobs using a wordlist of account name and container name strings
  ☆36Updated 4 years ago
• TheresAFewConors / MSSprinkler
  MSSprinkler is a password spraying utility for organizations to test their Microsoft Online accounts from an external perspective. It emp…
  ☆74Updated this week
• jischell-msft / RemoteManagementMonitoringTools
  Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations
  ☆84Updated 7 months ago
• Neo23x0 / Talks
  Slides of my public talks
  ☆54Updated last year
• krdmnbrk / AttackRuleMap
  Mapping of open-source detection rules and atomic tests.
  ☆126Updated last month
• dahvidschloss / CRASH
  Completely Risky Active-Directory Simulation Hub
  ☆99Updated last year
• Cyb3r-Monk / ACCD
  Active C&C Detector
  ☆152Updated last year
• Semperis / SilverSamlForger
  Silver SAML forgery tool
  ☆49Updated last year