firedrill is a malware simulation harness for evaluating your security controls
☆197, updated Jan 26, 2024
Alternatives and similar repositories for firedrill
Users that are interested in firedrill are comparing it to the libraries listed below
- Mapping of open-source detection rules and atomic tests. (☆201, updated Feb 16, 2026)
- Scan installed EDRs and AVs on Windows (☆605, updated Dec 10, 2025)
- ATTPwn (☆217, updated Mar 9, 2024)
- A Jupyter notebook to assist with the analysis of the output generated from the Volatility memory extraction framework. (☆97, updated May 28, 2023)
- Set of EVTX samples (>270) mapped to MITRE ATT&CK tactics and techniques to measure your SIEM coverage or develop new use cases. (☆612, updated Dec 8, 2025)
- This tool aims at parsing Microsoft Protection logs to provide relevant data to forensic analysts during incident response. (☆21, updated Sep 30, 2022)
- Re-play Security Events (☆1,723, updated Mar 20, 2024)
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs (☆785, updated Feb 22, 2026)
- Vagrant files to create a VirtualBox VM for malware analysis (☆13, updated Jun 1, 2021)
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with an improved scoring algorithm. (☆208, updated Jul 21, 2022)
- Rip Raw is a small tool to analyse the memory of compromised Linux systems. (☆134, updated Jan 31, 2022)
- Scan for vulnerable drivers on Windows using loldrivers.io (☆188, updated Sep 11, 2023)
- Granular, Actionable Adversary Emulation for the Cloud (☆2,266, updated Feb 13, 2026)
- Open Source EDR for Windows (☆1,297, updated Feb 25, 2023)
- APT-Hunter is a threat hunting tool for Windows event logs, built with a purple team mindset to detect APT movements hidden in the … (☆1,400, updated Nov 7, 2024)
- "Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security … (☆1,035, updated May 27, 2020)
- PowerShell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows… (☆2,055, updated Dec 11, 2024)
- An LLM and OCR based Indicator of Compromise Extraction Tool (☆38, updated Dec 4, 2024)
- Automated Adversary Emulation Platform (☆6,761, updated Feb 17, 2026)
- Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or event… (☆77, updated Jul 13, 2021)
- VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities a… (☆1,549, updated Feb 10, 2026)
- AWS Testing and Reporting Management Tool (☆20, updated Jan 23, 2023)
- AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE… (☆1,205, updated Dec 29, 2025)
- A utility to safely generate malicious network traffic patterns and evaluate controls. (☆1,350, updated Apr 4, 2024)
- The Volatility Collaborative GUI (☆265, updated Feb 11, 2026)
- Detonate malware on VMs and get logs & detection status (☆83, updated Jan 29, 2026)
- Detecting Lateral Movement with Machine Learning (☆139, updated Oct 31, 2017)
- Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs (☆730, updated Jan 21, 2020)
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL (Kusto Query Language). (☆804, updated Jan 14, 2026)
- Automated Attack Simulation in the Cloud, complete with detection use cases. (☆606, updated Nov 28, 2024)
- Sysmon event simulation utility which can be used to simulate attacks and generate Sysmon event logs for testing EDR detection… (☆864, updated Jan 20, 2022)
- This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple… (☆773, updated Jan 28, 2025)
- ETW-Almulahaza is a consumer python-based tool that helps you monitor ETW events of the operating system (☆13, updated Jun 24, 2022)
- Vuln-dev environment for LuaJIT (☆20, updated Dec 30, 2022)
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und… (☆127, updated Apr 6, 2024)