Alternatives and similar repositories for rdphoney:

Users that are interested in rdphoney are comparing it to the libraries listed below

• jipegit / IncidentsMindMaps
  Cybersecurity Incidents Mind Maps
  ☆33Updated 3 years ago
• fatihsirin / Tweettioc-Splunk-App
  Tweettioc Splunk App
  ☆20Updated 4 years ago
• RomanEmelyanov / CobaltStrikeForensic
  Toolset for research malware and Cobalt Strike beacons
  ☆211Updated last month
• Lifars / gargamel
  A forensic evidence acquirer
  ☆86Updated 4 years ago
• nao-sec / tknk_scanner
  Community-based integrated malware identification system
  ☆82Updated 2 years ago
• 1d8 / macros
  ☆50Updated 4 years ago
• bro / bro-osquery
  Bro integration with osquery
  ☆15Updated 2 years ago
• faisalusuf / ThreatIntelligence
  Tracking APT IOCs
  ☆25Updated 4 years ago
• mitre-attack / joystick
  Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that brings forward the nuances…
  ☆64Updated last year
• ninoseki / ukemi
  A CLI tool for querying passive DNS services
  ☆41Updated last year
• StefanKelm / yara-rules
  Links to malware-related YARA rules
  ☆15Updated 2 years ago
• praetorian-inc / slack-c2bot
  Slack C2bot that executes commands and returns the output.
  ☆46Updated 2 years ago
• CIRCL / factual-rules-generator
  Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
  ☆76Updated 3 years ago
• ninoseki / rogue_one
  A rogue DNS detector
  ☆23Updated last year
• v1ado / HIPS_LIPS
  Community maintained list of most popular HIPS service and process names on a Windows Platform.
  ☆43Updated 2 years ago
• lawiet47 / autoresponder
  Carbon Black Response IR tool
  ☆53Updated 4 years ago
• imjdl / CVE-2019-11510-poc
  Pulse Secure SSL VPN pre-auth file reading
  ☆50Updated 5 years ago
• memoryforensics1 / VolExp
  volatility explorer
  ☆91Updated 4 years ago
• salesforce / bro-sysmon
  How to Zeek Sysmon Logs!
  ☆101Updated 3 years ago
• SixGenInc / break-free
  Escaping Restricted Environments and Bypassing DLP
  ☆73Updated 6 years ago
• StrangerealIntel / Cerberus
  Sources code extracted from malwares for analysis
  ☆36Updated 2 years ago
• NextronSystems / thor_attck
  THOR MITRE ATT&CK Framework Coverage
  ☆24Updated 4 years ago
• lemmou / RansomNoteFiles
  ☆23Updated last year
• claroty / CVE2020-0796
  CVE2020-0796 SMBv3 RCE
  ☆61Updated 5 years ago
• benyG / RProcDump
  Remote process dumping automation. Use it to dump Windows credentials remotely and extract clear text with Mimikatz offline
  ☆35Updated 5 years ago
• umarfarook882 / Windows-InstallerBypass
  Windows Installer Bypass using Rollback Script .rbs and .rbf - Race Condition
  ☆22Updated 5 years ago
• BinaryDefense / beacon-fronting
  A simple command line program to help defender test their detections for network beacon patterns and domain fronting
  ☆69Updated 3 years ago
• c2defense / network-device-logs
  Analytics for Accounting logs from Network devices
  ☆17Updated 4 years ago
• tasooshi / exfilkit
  Data exfiltration utility for testing detection capabilities
  ☆57Updated 3 years ago
• ohjeongwook / PowerShellRunBox
  Dynamic PowerShell Analysis Framework Based Upon PowerShell Debugging Functionality
  ☆83Updated 2 years ago