Automated, Collection, and Enrichment Platform
☆324Nov 14, 2019Updated 6 years ago
Alternatives and similar repositories for ACE
Users that are interested in ACE are comparing it to the libraries listed below
Sorting:
- Currently not updated for WMIEvent module...☆262Feb 23, 2016Updated 10 years ago
- PowerForensics provides an all in one platform for live disk forensic analysis☆1,427Nov 16, 2023Updated 2 years ago
- CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across al…☆658Aug 19, 2019Updated 6 years ago
- PortPlow is a distributed port and system scanning & enumeration service. It enables the quick and automated enumeration of ports and ser…☆56Nov 19, 2024Updated last year
- GoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application.☆633Jun 20, 2017Updated 8 years ago
- ☆349Mar 19, 2021Updated 4 years ago
- A PowerShell script to interact with the MITRE ATT&CK Framework via its own API☆370Feb 7, 2019Updated 7 years ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.☆937Dec 12, 2023Updated 2 years ago
- A repository for using windows event forwarding for incident detection and response☆1,296Sep 8, 2025Updated 5 months ago
- "Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security …☆1,036May 27, 2020Updated 5 years ago
- ☆1,092May 1, 2019Updated 6 years ago
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…☆4,486Jan 12, 2026Updated last month
- Powershell-based Windows Security Auditing Toolbox☆573Jan 9, 2019Updated 7 years ago
- Remote Recon and Collection☆459Nov 23, 2017Updated 8 years ago
- Query and report user logons relations from MS Windows Security Events☆243Aug 9, 2018Updated 7 years ago
- This repo is for WMIOps, a powershell script which uses WMI for various purposes across a network.☆388Jun 25, 2024Updated last year
- PowerShell No Agent Hunting☆111Apr 23, 2018Updated 7 years ago
- Powershell C2 Server and Implants☆575Nov 11, 2019Updated 6 years ago
- A Powershell incident response framework☆1,640Nov 22, 2022Updated 3 years ago
- Sysmon Tools for PowerShell☆232Aug 17, 2018Updated 7 years ago
- PSAmsi is a tool for auditing and defeating AMSI signatures.☆398Apr 22, 2018Updated 7 years ago
- PowerKrabsEtw is a PowerShell interface for doing real-time ETW tracing.☆103Nov 17, 2020Updated 5 years ago
- FruityC2 is a post-exploitation (and open source) framework based on the deployment of agents on compromised machines. Agents are managed…☆208Dec 4, 2017Updated 8 years ago
- A PowerShell based utility for the creation of malicious Office macro documents.☆1,109Nov 3, 2017Updated 8 years ago
- This is a repository from Adam Swan and I's presentation on Windows Logs Zero 2 Hero.☆22Jan 30, 2018Updated 8 years ago
- This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported …☆842Jun 25, 2024Updated last year
- An information security preparedness tool to do adversarial simulation.☆1,139Apr 1, 2019Updated 6 years ago
- Python script to decode common encoded PowerShell scripts☆217Jun 13, 2018Updated 7 years ago
- A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook.☆252Jul 19, 2021Updated 4 years ago
- An informational repo about hunting for adversaries in your IT environment.☆1,850Nov 17, 2021Updated 4 years ago
- PowerShell Runspace Post Exploitation Toolkit☆1,546Aug 2, 2019Updated 6 years ago
- Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account ha…☆501Aug 7, 2020Updated 5 years ago
- The project is designed as a file resource cloner. Metadata, including digital signature, is extracted from one file and injected into a…☆362Nov 19, 2024Updated last year
- ☆309Aug 14, 2020Updated 5 years ago
- Virtual Machine for Adversary Emulation and Threat Hunting☆1,314Jan 22, 2025Updated last year
- Issues to consider when planning a red team exercise.☆616Aug 23, 2017Updated 8 years ago
- Open Source Security Events Metadata (OSSEM)☆1,287Feb 27, 2023Updated 3 years ago
- SMB Named Pipe shell☆69Nov 19, 2024Updated last year
- Exploit the credentials present in files and memory☆843May 25, 2023Updated 2 years ago