Automated, Collection, and Enrichment Platform
☆324Nov 14, 2019Updated 6 years ago
Alternatives and similar repositories for ACE
Users that are interested in ACE are comparing it to the libraries listed below
Sorting:
- Currently not updated for WMIEvent module...☆262Feb 23, 2016Updated 10 years ago
- PowerForensics provides an all in one platform for live disk forensic analysis☆1,427Nov 16, 2023Updated 2 years ago
- CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across al…☆657Aug 19, 2019Updated 6 years ago
- PortPlow is a distributed port and system scanning & enumeration service. It enables the quick and automated enumeration of ports and ser…☆56Nov 19, 2024Updated last year
- A PowerShell script to interact with the MITRE ATT&CK Framework via its own API☆370Feb 7, 2019Updated 7 years ago
- ☆349Mar 19, 2021Updated 5 years ago
- PowerShell No Agent Hunting☆111Apr 23, 2018Updated 7 years ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.☆938Dec 12, 2023Updated 2 years ago
- GoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application.☆634Jun 20, 2017Updated 8 years ago
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…☆4,501Jan 12, 2026Updated 2 months ago
- ☆1,090May 1, 2019Updated 6 years ago
- "Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security …☆1,035May 27, 2020Updated 5 years ago
- A Powershell incident response framework☆1,640Nov 22, 2022Updated 3 years ago
- A repository for using windows event forwarding for incident detection and response☆1,300Sep 8, 2025Updated 6 months ago
- Remote Recon and Collection☆460Nov 23, 2017Updated 8 years ago
- This is a repository from Adam Swan and I's presentation on Windows Logs Zero 2 Hero.☆22Jan 30, 2018Updated 8 years ago
- PowerKrabsEtw is a PowerShell interface for doing real-time ETW tracing.☆103Nov 17, 2020Updated 5 years ago
- Powershell-based Windows Security Auditing Toolbox☆574Jan 9, 2019Updated 7 years ago
- Query and report user logons relations from MS Windows Security Events☆243Aug 9, 2018Updated 7 years ago
- Powershell Threat Hunting Module☆290Sep 21, 2016Updated 9 years ago
- A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook.☆252Jul 19, 2021Updated 4 years ago
- This repo is for WMIOps, a powershell script which uses WMI for various purposes across a network.☆387Jun 25, 2024Updated last year
- FruityC2 is a post-exploitation (and open source) framework based on the deployment of agents on compromised machines. Agents are managed…☆207Dec 4, 2017Updated 8 years ago
- An information security preparedness tool to do adversarial simulation.☆1,137Apr 1, 2019Updated 6 years ago
- Sysmon Tools for PowerShell☆233Aug 17, 2018Updated 7 years ago
- Open Source Security Events Metadata (OSSEM)☆1,289Feb 27, 2023Updated 3 years ago
- Python script to decode common encoded PowerShell scripts☆217Jun 13, 2018Updated 7 years ago
- A PowerShell based utility for the creation of malicious Office macro documents.☆1,109Nov 3, 2017Updated 8 years ago
- An informational repo about hunting for adversaries in your IT environment.☆1,859Nov 17, 2021Updated 4 years ago
- ☆309Aug 14, 2020Updated 5 years ago
- SMB Named Pipe shell☆69Nov 19, 2024Updated last year
- PowerShell module for creating and managing Sysinternals Sysmon config files.☆214Mar 29, 2021Updated 4 years ago
- PowerShell Runspace Post Exploitation Toolkit☆1,548Aug 2, 2019Updated 6 years ago
- Incident Response Forensic Framework☆612Nov 20, 2019Updated 6 years ago
- Python Script to access ATT&CK content available in STIX via a public TAXII server☆568Dec 19, 2025Updated 3 months ago
- Powershell C2 Server and Implants☆575Nov 11, 2019Updated 6 years ago
- Virtual Machine for Adversary Emulation and Threat Hunting☆1,314Jan 22, 2025Updated last year
- PSAmsi is a tool for auditing and defeating AMSI signatures.☆398Apr 22, 2018Updated 7 years ago
- SubShell is a python command shell used to control and execute commands through HTTP requests to a webshell. SubShell acts as the interfa…☆75Nov 6, 2016Updated 9 years ago