Cyb3r-Monk / ACCDLinks
Active C&C Detector
☆155Updated last year
Alternatives and similar repositories for ACCD
Users that are interested in ACCD are comparing it to the libraries listed below
Sorting:
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on☆82Updated last year
- CarbonBlack EDR detection rules and response actions☆71Updated 11 months ago
- Full of public notes and Utilities☆128Updated 6 months ago
- Sigma rules to share with the community☆121Updated 6 months ago
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…☆124Updated last year
- MITRE ATT&CK mapped queries for SentinelOne Deep Visiblity☆92Updated 4 years ago
- A list of RMMs designed to be used in automation to build alerts☆112Updated 4 months ago
- PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory …☆95Updated 3 weeks ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆80Updated 3 months ago
- The Github project for The Defender's Guide by Luke Paine and Jonathan Johnson☆155Updated 2 years ago
- Slides of my public talks☆56Updated last year
- LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…☆132Updated 6 months ago
- Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…☆89Updated last year
- A home for detection content developed by the delivr.to team☆69Updated last week
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆97Updated 2 years ago
- A running list of Windows sources and the related event ids.☆19Updated 2 years ago
- Automating EDR Testing with reference to MITRE ATTACK via Cobalt Strike [Purple Team].☆157Updated 2 years ago
- A C# based tool for analysing malicious OneNote documents☆114Updated 2 years ago
- Baseline a Windows System against LOLBAS☆28Updated last year
- ShellSweeping the evil.☆53Updated last year
- Simple PowerShell script to enable process scanning with Yara.☆97Updated 2 years ago
- Initial triage of Windows Event logs☆102Updated last year
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆204Updated 3 years ago
- A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you com…☆175Updated 2 months ago
- Threat Simulation Indexes☆38Updated 3 months ago
- Yara Rules for Modern Malware☆77Updated last year
- Default Detections for EDR☆96Updated last year
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation☆84Updated 3 months ago
- A repository to share publicly available Velociraptor detection content☆187Updated this week
- This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.☆90Updated 11 months ago