Detecting Lateral Movement with Machine Learning
☆139Oct 31, 2017Updated 8 years ago
Alternatives and similar repositories for DetectLM
Users that are interested in DetectLM are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Investigate suspicious activity by visualizing Sysmon's event log☆431Dec 22, 2023Updated 2 years ago
- Tool Analysis Result Sheet☆360Dec 4, 2017Updated 8 years ago
- Carve $MFT records from a chunk of data (for instance a memory dump)☆16Aug 21, 2016Updated 9 years ago
- Artifact analysis tools by JPCERT/CC Analysis Center☆464Aug 14, 2025Updated 10 months ago
- Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The…☆174Jun 10, 2021Updated 5 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Investigate malicious Windows logon by visualizing and analyzing Windows event log☆3,178Apr 22, 2026Updated last month
- A collection of scripts to initialize a windows VM to run all the malwares!☆107Apr 3, 2020Updated 6 years ago
- Lepus-CTF frontend application☆11Nov 2, 2015Updated 10 years ago
- A repository of Sysmon For Linux configuration modules☆17Oct 14, 2021Updated 4 years ago
- OSSEM Modular☆27Jun 29, 2020Updated 5 years ago
- Extract the password of the current user from flow (keylogger, config file, ..) Use SSPI to get a valid NTLM challenge/response and test …☆60Mar 8, 2019Updated 7 years ago
- ☆24Mar 19, 2020Updated 6 years ago
- Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux☆511Oct 21, 2022Updated 3 years ago
- PowerShell Memory Pulling script☆19Mar 24, 2015Updated 11 years ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- ☆14May 18, 2022Updated 4 years ago
- Basic x86 Symbolic Execution for educational purposes☆18May 8, 2017Updated 9 years ago
- GoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application.☆635Jun 20, 2017Updated 8 years ago
- PowerShell script to find 'vulnerable' security-related GPOs that should be hardended☆198Jun 1, 2018Updated 8 years ago
- A modern Python-3-based alternative to RegRipper☆215May 12, 2026Updated last month
- YARA malware query accelerator (web frontend)☆439Feb 3, 2026Updated 4 months ago
- Yara matching in ElasticSearch.☆10Jun 12, 2018Updated 8 years ago
- Yet another way to find where to report an abuse☆31Jan 25, 2025Updated last year
- ☆28Mar 29, 2022Updated 4 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Lazy Office Analyzer☆121Feb 15, 2017Updated 9 years ago
- Set of ultra technical notes about AD☆18Jun 17, 2018Updated 7 years ago
- Remote process dumping automation. Use it to dump Windows credentials remotely and extract clear text with Mimikatz offline☆35Jan 3, 2020Updated 6 years ago
- Tools for DFIR☆123Jan 25, 2018Updated 8 years ago
- Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.☆1,346Dec 13, 2022Updated 3 years ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.☆942Dec 12, 2023Updated 2 years ago
- A Slack bot to add security info to messages containing URLs, hashes and IPs☆71Aug 28, 2024Updated last year
- Automated deployment of Windows and Active Directory test lab networks. Useful for red and blue teams.☆491Feb 16, 2019Updated 7 years ago
- Kirjuri is a web application for managing cases and physical forensic evidence items.☆109May 19, 2026Updated 3 weeks ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Queries to parse sysmon event log file with microsoft logparser☆59Mar 31, 2015Updated 11 years ago
- ☆314Aug 14, 2020Updated 5 years ago
- A C# tool for enumerating remote access policies through group policy.☆73Apr 18, 2019Updated 7 years ago
- CASCADE Server☆274Dec 8, 2022Updated 3 years ago
- A rewrite of mactime, a bodyfile reader☆41Aug 5, 2024Updated last year
- An agent that performs user actions on a workstation☆13Jan 22, 2018Updated 8 years ago
- certstream + analytics☆11Jan 17, 2020Updated 6 years ago