Alternatives and similar repositories for WhoYouCalling

Users that are interested in WhoYouCalling are comparing it to the libraries listed below

• Squiblydoo / debloat
  A GUI and CLI tool for removing bloat from executables
  ☆421Updated 2 months ago
• joeavanzato / Trawler
  PowerShell script helping Incident Responders discover potential adversary persistence mechanisms.
  ☆319Updated 4 months ago
• lkarlslund / nifo
  Nuke It From Orbit - remove AV/EDR with physical access
  ☆263Updated 9 months ago
• MHaggis / PowerShell-Hunter
  PowerShell tools to help defenders hunt smarter, hunt harder.
  ☆434Updated 3 weeks ago
• secureworks / pytune
  ☆249Updated last month
• jonny-jhnson / JonMon
  ☆240Updated 3 months ago
• techspence / ScriptSentry
  ScriptSentry finds misconfigured and dangerous logon scripts.
  ☆591Updated 9 months ago
• p0dalirius / ExtractBitlockerKeys
  A system administration or post-exploitation script to automatically extract the bitlocker recovery keys from a domain.
  ☆377Updated last month
• cgosec / Blauhaunt
  A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you com…
  ☆176Updated 3 months ago
• srlabs / Certiception
  An ADCS honeypot to catch attackers in your internal network.
  ☆310Updated last year
• MalBeacon / what-is-this-stealer
  A repository of credential stealer formats
  ☆226Updated 3 months ago
• magicsword-io / LOLRMM
  LotL RMM
  ☆240Updated 2 weeks ago
• lawndoc / Respotter
  Respotter is a Responder honeypot. Detect Responder in your environment as soon as it's spun up.
  ☆197Updated last month
• gtworek / VolatileDataCollector
  ☆204Updated 10 months ago
• Ahmed-AL-Maghraby / Windows-Registry-Analysis-Cheat-Sheet
  ☆160Updated 2 years ago
• SafeBreach-Labs / WindowsDowndate
  A tool that takes over Windows Updates to craft custom downgrades and expose past fixed vulnerabilities
  ☆680Updated 10 months ago
• persistence-info / persistence-info.github.io
  ☆507Updated last year
• awakecoding / wireshark-rdp
  Wireshark RDP resources
  ☆216Updated 3 months ago
• AirbusProtect / AD-Canaries
  The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C…
  ☆255Updated last year
• splunk / DECEIVE
  DECeption with Evaluative Integrated Validation Engine (DECEIVE): Let an LLM do all the hard honeypot work!
  ☆260Updated 3 months ago
• curated-intel / Attribution-to-IP
  A collection of methods to learn who the owner of an IP address is.
  ☆174Updated 3 months ago
• Semperis / EntraGoat
  A deliberately vulnerable Microsoft Entra ID environment. Learn identity security through hands-on, realistic attack challenges.
  ☆592Updated 3 weeks ago
• mttaggart / seclab
  Automated security lab provisioning
  ☆83Updated 2 weeks ago
• Psmths / windows-forensic-artifacts
  Handbook of windows forensic artifacts across multiple Windows version with interpretation tips and some examples. Work in progress!
  ☆387Updated last year
• ExaTrack / Kdrill
  Python tool to check rootkits in Windows kernel
  ☆201Updated last month
• cisagov / Ludus
  Ludus is a system to build easy to use cyber environments, or "ranges" for testing and development.
  ☆50Updated last year
• mandiant / VM-Packages
  Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.
  ☆196Updated this week
• activecm / rita
  Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…
  ☆387Updated 3 weeks ago
• bagelByt3s / LudusHound
  LudusHound is a tool for red and blue teams that transforms BloodHound data into a fully functional, Active Directory replica environment…
  ☆304Updated 2 weeks ago
• LOLESXi-Project / LOLESXi
  LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…
  ☆132Updated 7 months ago