Welcome to Project KillChain, a comprehensive GitHub repository for Red and Blue Teams. This repository houses tools, scripts, techniques, and Indicators of Compromise (IOCs) aiding in cybersecurity operations. It facilitates penetration testing, incident response, digital forensics, and threat hunting.
☆110 · Aug 17, 2024 · Updated last year
Alternatives and similar repositories for project-killchain
Users that are interested in project-killchain are comparing it to the libraries listed below
- Launches a limited shell using PowerShell Runspaces with an optional AMSI Bypass. Does not invoke Powershell.exe · ☆13 · Dec 11, 2023 · Updated 2 years ago
- Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs · ☆55 · Jul 20, 2023 · Updated 2 years ago
- ☆16 · Jun 28, 2025 · Updated 8 months ago
- On-Premises Open Cyber Threat Intelligence Platform · ☆11 · Oct 29, 2024 · Updated last year
- A Jupyter notebook to assist with the analysis of the output generated from the Volatility memory extraction framework. · ☆97 · May 28, 2023 · Updated 2 years ago
- This repository gives the best and possible strategies against hunting the ransomware · ☆26 · Aug 23, 2022 · Updated 3 years ago
- Automating simple report creation of threat intelligence using ChatGPT and the Greynoise API. · ☆10 · Oct 3, 2023 · Updated 2 years ago
- Packet Analysis on Steroids · ☆13 · Oct 20, 2022 · Updated 3 years ago
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners · ☆117 · Oct 29, 2024 · Updated last year
- A simple PowerShell wrapper to automate checking a user's access around the network · ☆13 · Dec 5, 2023 · Updated 2 years ago
- Various commands, tools, techniques that you can use to examine live Windows systems for signs of Compromise or for Threat Hunting. Can al… · ☆14 · Aug 15, 2022 · Updated 3 years ago
- Track progress and keep notes while working through likethecoins' CTI Self Study Plan · ☆29 · Aug 25, 2022 · Updated 3 years ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts. · ☆32 · Nov 23, 2025 · Updated 3 months ago
- ☆17 · Jun 28, 2023 · Updated 2 years ago
- This script enhances endpoint logging telemetry for the purpose of advanced malware threat detection or for building detections or malwar… · ☆40 · Apr 7, 2025 · Updated 10 months ago
- Windows Thread Pool Injection Havoc Implementation · ☆33 · Mar 23, 2024 · Updated last year
- These FLARE-VM configuration files are designed to help set up a purpose-built installation, remove unnecessary packages to help stream… · ☆16 · Apr 10, 2024 · Updated last year
- This is just a semi-automated, fully working, no-bs, non-metasploit version of the public exploit code for MS17-010 AKA EternalBlue · ☆12 · Dec 31, 2018 · Updated 7 years ago
- ☆18 · Jul 13, 2022 · Updated 3 years ago
- Kibana app for RedELK · ☆18 · Mar 19, 2023 · Updated 2 years ago
- Trillium's - Master the art Of Necessary cybersecurity skills (T-MON) · ☆14 · Mar 27, 2024 · Updated last year
- ☆17 · Aug 27, 2022 · Updated 3 years ago
- Threat Hunt Investigation Methodology and Procedure · ☆15 · Jul 11, 2022 · Updated 3 years ago
- The script will help you to find some values info for the user that you need as DFIR · ☆16 · Nov 3, 2022 · Updated 3 years ago
- Ransomware Simulator for Red/Blue teams to test their defences. · ☆19 · Apr 4, 2022 · Updated 3 years ago
- CarbonBlack EDR detection rules and response actions · ☆73 · Sep 10, 2024 · Updated last year
- The Linux DFIR Collector is a stand-alone collection tool for Gnu / Linux. Dump artifacts in json format with very few impacts on the hos… · ☆32 · Mar 9, 2022 · Updated 3 years ago
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL (Kusto Query Language). · ☆804 · Jan 14, 2026 · Updated last month
- A tool for AWS incident response, that allows for enumeration, acquisition and analysis of data from AWS environments for the purpose of … · ☆198 · Jan 6, 2026 · Updated last month
- PurpleLab is an efficient and readily deployable lab solution, providing a swift setup for cybersecurity professionals to test detection… · ☆725 · Feb 14, 2026 · Updated 2 weeks ago
- An open-source Sigma conversion tool built using pysigma · ☆160 · Feb 9, 2026 · Updated 3 weeks ago
- PowerShell Digital Forensics & Incident Response Scripts. · ☆772 · Jan 14, 2026 · Updated last month
- Ansible role to deploy RedELK server · ☆19 · Sep 11, 2023 · Updated 2 years ago
- An offline Phishing Email Analyzer. Enabling non-techies to analyze phishing emails automatically! · ☆62 · Oct 28, 2023 · Updated 2 years ago
- Practical Threat Detection Engineering, Published by Packt · ☆87 · Updated this week
- FireProx written in Go · ☆20 · Apr 13, 2024 · Updated last year
- A preconfigured Windows-based system designed for rapid forensic investigations in both Azure and AWS. · ☆39 · Mar 25, 2024 · Updated last year
- Rewrite of AChoir in Go for cross-platform forensic artifact collection and processing · ☆41 · Updated this week
- A collection of Microsoft Sentinel workbooks and analytics rules. · ☆111 · Feb 8, 2024 · Updated 2 years ago