Alternatives and similar repositories for mailgoose

Users that are interested in mailgoose are comparing it to the libraries listed below

• lawndoc / Respotter
  Respotter is a Responder honeypot. Detect Responder in your environment as soon as it's spun up.
  ☆198Updated 2 weeks ago
• Neo23x0 / god-mode-rules
  God Mode Detection Rules
  ☆134Updated 11 months ago
• HackingLZ / IndicatorOfCanary
  Canary Detection
  ☆186Updated 2 months ago
• cgosec / Blauhaunt
  A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you com…
  ☆172Updated 2 months ago
• tsale / EDR-Telemetry-Website
  ☆74Updated last month
• AlbinoGazelle / esxi-testing-toolkit
  🧰 ESXi Testing Tookit is a command-line utility designed to help security teams test ESXi detections.
  ☆76Updated 3 months ago
• CERN-CERT / pDNSSOC
  Leveraging MISP indicators via a pDNS-based infrastructure as a poor man’s SOC.
  ☆51Updated 6 months ago
• reecdeep / segugio
  Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac…
  ☆151Updated 10 months ago
• CTI-Driven / LOLBins
  The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…
  ☆124Updated last year
• sans-blue-team / DNS-Exfiltrate
  ☆26Updated 2 years ago
• CrowdStrike / VirtualGHOST
  VirtualGHOST Detection Tool
  ☆92Updated last year
• AirbusProtect / AD-Canaries
  The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C…
  ☆254Updated last year
• krdmnbrk / AttackRuleMap
  Mapping of open-source detection rules and atomic tests.
  ☆170Updated 6 months ago
• DataDog / HASH
  HASH (HTTP Agnostic Software Honeypot)
  ☆138Updated last year
• LOLESXi-Project / LOLESXi
  LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…
  ☆129Updated 6 months ago
• C0axx / CanaryHunter
  Canary Hunter aims to be a quick PowerShell script to check for Common Canaries in various formats generated for free on canarytokens.org
  ☆121Updated 2 years ago
• drego85 / meioc
  Extracting IoC data from eMail
  ☆135Updated 3 weeks ago
• BushidoUK / Ransomware-Vulnerability-Matrix
  A collection of CVEs weaponized by ransomware operators
  ☆119Updated last month
• redar0n / incident-runbook
  A runbook for handling security incidents in cooperation with 0xsyr0
  ☆51Updated 2 years ago
• LivingInSyn / RMML
  A list of RMMs designed to be used in automation to build alerts
  ☆112Updated 3 months ago
• youhgo / DOPP
  DFIR ORC PARSER PROJECT
  ☆25Updated 5 months ago
• cudeso / proof-value-cti
  Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.
  ☆51Updated 9 months ago
• LOTTunnels / LOTTunnels.github.io
  ☆104Updated 3 weeks ago
• Censys-Research / censeye
  ☆146Updated last month
• joeavanzato / LogBoost
  Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indi…
  ☆108Updated 9 months ago
• ANSSI-FR / orc2timeline
  orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them
  ☆33Updated last month
• grahamhelton / grahamhelton.github.io
  ☆40Updated 11 months ago
• ine-labs / ThreatSeeker
  ThreatSeeker: Threat Hunting via Windows Event Logs
  ☆122Updated 2 years ago
• securityjoes / ForensicMiner
  A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.
  ☆154Updated 3 months ago
• skandler / simulate-akira
  Simulation of Akira Ransomware with Invoke-AtomicTest
  ☆17Updated last year