Alternatives and similar repositories for CanaryHunter:

Users that are interested in CanaryHunter are comparing it to the libraries listed below

• nyxgeek / track_the_planet
  DEFCON 31 slide deck and video link
  ☆58Updated 9 months ago
• Sam0x90 / CTI
  Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on
  ☆81Updated 11 months ago
• sans-blue-team / DNS-Exfiltrate
  ☆24Updated 2 years ago
• NetSPI / PowerHunt
  PowerHunt is a modular threat hunting framework written in PowerShell that leverages PowerShell Remoting for data collection on scale.
  ☆65Updated 3 months ago
• LivingInSyn / RMML
  A list of RMMs designed to be used in automation to build alerts
  ☆109Updated last month
• BC-SECURITY / Long-Live-The-Empire
  A comprehensive workshop aimed to equip participants with an in-depth understanding of modern Command and Control (C2) concepts, focusing…
  ☆101Updated last year
• SySS-Research / azurenum
  Enumerate Microsoft Entra ID (Azure AD) fast
  ☆91Updated 2 months ago
• Semperis / SilverSamlForger
  Silver SAML forgery tool
  ☆49Updated last year
• montysecurity / InfraHunter
  Actively hunt for attacker infrastructure by filtering Shodan results with URLScan data.
  ☆60Updated 8 months ago
• lkarlslund / deploy-goad
  Script to install prerequisites for deploying GOAD on Ubuntu Linux 22.04
  ☆110Updated 9 months ago
• tothi / smbmap
  SMBMap is a handy SMB enumeration tool - here with Kerberos support
  ☆73Updated 3 years ago
• Bert-JanP / Domain-Response
  Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specificly designed to autom…
  ☆47Updated 11 months ago
• Qazeer / FarsightAD
  PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory …
  ☆93Updated last year
• joswr1ght / basicblobfinder
  Identify Azure blobs using a wordlist of account name and container name strings
  ☆40Updated 3 weeks ago
• LOLAD-Project / LOLAD-Project.github.io
  https://lolad-project.github.io/
  ☆74Updated 3 months ago
• tsale / EDR-Telemetry-Website
  ☆74Updated last week
• LuemmelSec / Custom-BloodHound-Queries
  ☆178Updated 3 months ago
• DefensiveOrigins / DO-LAB
  ☆46Updated 3 weeks ago
• AlbinoGazelle / esxi-testing-toolkit
  🧰 ESXi Testing Tookit is a command-line utility designed to help security teams test ESXi detections.
  ☆71Updated 2 months ago
• sse-secure-systems / TeamsEnum
  User Enumeration of Microsoft Teams users via API
  ☆149Updated last year
• gladstomych / AHHHZURE
  AHHHZURE is an automated deployment script that creates a vulnerable Azure cloud lab for offensive security practitioners and enthusiasts…
  ☆102Updated 11 months ago
• redcanaryco / ansible-atomic-red-team
  This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam
  ☆27Updated 8 months ago
• grahamhelton / grahamhelton.github.io
  ☆40Updated 7 months ago
• paladin316 / ThreatHunting
  This repo is where I store my Threat Hunting ideas/content
  ☆87Updated last year
• BushidoUK / Abused-Legitimate-Services
  Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups
  ☆59Updated 2 years ago
• QueenSquishy / plague
  Default Detections for EDR
  ☆96Updated last year
• Cyb3r-Monk / ACCD
  Active C&C Detector
  ☆153Updated last year
• SikretaLabs / BlueMap
  A Azure Exploitation Toolkit for Red Team & Pentesters
  ☆167Updated last year
• doredry / TokenFinder
  Tool to extract powerful tokens from Office desktop apps memory
  ☆71Updated last year
• elementalsouls / DumpLSASS
  ☆34Updated last year