Welcome to Project KillChain, a comprehensive GitHub repository for Red and Blue Teams. This repository houses tools, scripts, techniques, and Indicators of Compromise (IOCs) aiding in cybersecurity operations. It facilitates penetration testing, incident response, digital forensics, and threat hunting.
☆111 · Aug 17, 2024 · Updated last year
Alternatives and similar repositories for project-killchain
Users that are interested in project-killchain are comparing it to the libraries listed below.
- Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs ☆54 · Jul 20, 2023 · Updated 2 years ago
- Launches a limited shell using PowerShell Runspaces with an optional AMSI Bypass. Does not invoke Powershell.exe ☆13 · Dec 11, 2023 · Updated 2 years ago
- This is a simulation of attack by the Cozy Bear group (APT-29) targeting diplomatic missions ☆47 · Jun 12, 2024 · Updated 2 years ago
- This repo hosts multiple codes, content, checklists etc. which can help a penetration tester in web application auditing. ☆21 · Sep 14, 2023 · Updated 2 years ago
- These FLARE-VM configuration files are designed to help set up a purpose-built installation, remove unnecessary packages to help stream… ☆16 · Apr 10, 2024 · Updated 2 years ago
- eml metadata parser. ☆17 · Jan 24, 2023 · Updated 3 years ago
- Automating simple report creating of threat intelligence using ChatGPT and Greynoise API. ☆10 · Oct 3, 2023 · Updated 2 years ago
- a simple powershell wrapper to automate checking a user's access around the network ☆13 · Dec 5, 2023 · Updated 2 years ago
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w… ☆56 · Dec 5, 2024 · Updated last year
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners ☆120 · Oct 29, 2024 · Updated last year
- This Repository gives the best and possible strategies against hunting the ransomware ☆26 · Aug 23, 2022 · Updated 3 years ago
- On-Premises Open Cyber Threat Intelligence Platform ☆11 · Oct 29, 2024 · Updated last year
- Windows Thread Pool Injection Havoc Implementation ☆35 · Mar 23, 2024 · Updated 2 years ago
- ☆22 · Jan 31, 2023 · Updated 3 years ago
- Various commands, tools, techniques that you can use to examine live Windows systems for signs of Compromise or for Threat Hunting. Can al… ☆15 · May 30, 2026 · Updated 2 weeks ago
- CarbonBlack EDR detection rules and response actions ☆73 · Sep 10, 2024 · Updated last year
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL (Kusto Query Language). ☆813 · Jan 14, 2026 · Updated 5 months ago
- Track progress and keep notes while working through likethecoins' CTI Self Study Plan ☆29 · Aug 25, 2022 · Updated 3 years ago
- This Repository consists of all Public Cheatsheets created by BlackPerl DFIR Content Team ☆20 · Oct 9, 2024 · Updated last year
- Ransomware Simulator for Red/Blue teams to test their defences. ☆20 · Apr 4, 2022 · Updated 4 years ago
- Threat Hunt Investigation Methodology and Procedure ☆15 · Jul 11, 2022 · Updated 3 years ago
- Packet Analysis on Steroids ☆14 · Oct 20, 2022 · Updated 3 years ago
- PurpleLab is an efficient and readily deployable lab solution, providing a swift setup for cybersecurity professionals to test detection… ☆735 · Apr 2, 2026 · Updated 2 months ago
- Azure function to insert MISP data in to Azure Sentinel ☆33 · Oct 19, 2022 · Updated 3 years ago
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework. ☆97 · May 28, 2023 · Updated 3 years ago
- This script enhances endpoint logging telemetry for the purpose of advanced malware threat detection or for building detections or malwar… ☆43 · May 6, 2026 · Updated last month
- ReWrite of AChoir in Go for Cross Platform forensic artifact collection and processing ☆42 · May 18, 2026 · Updated 3 weeks ago
- List of custom developed KQL queries to help proactive security teams hunt for opportunistic and sophisticated threat activity by develop… ☆26 · Jun 30, 2021 · Updated 4 years ago
- A preconfigured Windows-based system designed for rapid forensic investigations in both Azure and AWS. ☆39 · Mar 25, 2024 · Updated 2 years ago
- ☆18 · Jul 13, 2022 · Updated 3 years ago
- An opensource sigma conversion tool built using pysigma ☆169 · May 25, 2026 · Updated 2 weeks ago
- PowerShell Digital Forensics & Incident Response Scripts. ☆796 · May 26, 2026 · Updated 2 weeks ago
- MISP Playbooks ☆229 · Oct 14, 2025 · Updated 8 months ago
- An offline Phishing Email Analyzer. Enabling non-techies to analyze phishing emails automatically! ☆61 · Oct 28, 2023 · Updated 2 years ago
- Detecting Cobalt Strike Team Servers on targets through traffic telemetry. ☆22 · Aug 13, 2024 · Updated last year
- A tool for AWS incident response, that allows for enumeration, acquisition and analysis of data from AWS environments for the purpose of … ☆200 · Jan 6, 2026 · Updated 5 months ago
- Open IOC sharing platform ☆67 · Jan 1, 2026 · Updated 5 months ago
- Python client for issuing boletos (payment slips) using the Banco Inter PJ API. ☆25 · Mar 5, 2025 · Updated last year
- ☆43 · May 22, 2021 · Updated 5 years ago