Cyb3r-Monk / ACCD
Active C&C Detector
☆153Updated last year
Alternatives and similar repositories for ACCD:
Users that are interested in ACCD are comparing it to the libraries listed below
- Sigma rules to share with the community☆119Updated 2 months ago
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆95Updated last year
- CarbonBlack EDR detection rules and response actions☆71Updated 7 months ago
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on☆81Updated 11 months ago
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…☆119Updated last year
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation☆77Updated 10 months ago
- Full of public notes and Utilities☆98Updated 2 months ago
- Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…☆88Updated last year
- PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory …☆93Updated last year
- Automating EDR Testing with reference to MITRE ATTACK via Cobalt Strike [Purple Team].☆150Updated 2 years ago
- A repository to share publicly available Velociraptor detection content☆154Updated this week
- yara detection rules for hunting with the threathunting-keywords project☆116Updated last month
- LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…☆123Updated 2 months ago
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆201Updated 2 years ago
- Slides of my public talks☆55Updated last year
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆76Updated last year
- Default Detections for EDR☆96Updated last year
- The Github project for The Defender's Guide by Luke Paine and Jonathan Johnson☆151Updated last year
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆84Updated 2 months ago
- This repo is where I store my Threat Hunting ideas/content☆87Updated last year
- A running list of Windows sources and the related event ids.☆19Updated last year
- ShellSweeping the evil.☆52Updated 9 months ago
- MITRE ATT&CK mapped queries for SentinelOne Deep Visiblity☆89Updated 4 years ago
- A list of RMMs designed to be used in automation to build alerts☆110Updated last month
- ☆159Updated last year
- YARA rule analyzer to improve rule quality and performance☆98Updated this week
- A repository of my own Sigma detection rules.☆158Updated 7 months ago
- A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you com…☆167Updated last month
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆52Updated last year
- This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.☆78Updated 7 months ago