Detecting Lateral Movement with Machine Learning
☆139Oct 31, 2017Updated 8 years ago
Alternatives and similar repositories for DetectLM
Users that are interested in DetectLM are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Investigate suspicious activity by visualizing Sysmon's event log☆431Dec 22, 2023Updated 2 years ago
- Tool Analysis Result Sheet☆358Dec 4, 2017Updated 8 years ago
- Carve $MFT records from a chunk of data (for instance a memory dump)☆16Aug 21, 2016Updated 9 years ago
- Artifact analysis tools by JPCERT/CC Analysis Center☆462Aug 14, 2025Updated 7 months ago
- Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The…☆176Jun 10, 2021Updated 4 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- Investigate malicious Windows logon by visualizing and analyzing Windows event log☆3,147Oct 19, 2025Updated 5 months ago
- A collection of scripts to initialize a windows VM to run all the malwares!☆107Apr 3, 2020Updated 6 years ago
- A repository of Sysmon For Linux configuration modules☆16Oct 14, 2021Updated 4 years ago
- OSSEM Modular☆27Jun 29, 2020Updated 5 years ago
- Extract the password of the current user from flow (keylogger, config file, ..) Use SSPI to get a valid NTLM challenge/response and test …☆59Mar 8, 2019Updated 7 years ago
- Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux☆506Oct 21, 2022Updated 3 years ago
- ☆24Mar 19, 2020Updated 6 years ago
- PowerShell Memory Pulling script☆19Mar 24, 2015Updated 11 years ago
- ☆14May 18, 2022Updated 3 years ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Basic x86 Symbolic Execution for educational purposes☆18May 8, 2017Updated 8 years ago
- GoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application.☆635Jun 20, 2017Updated 8 years ago
- PowerShell script to find 'vulnerable' security-related GPOs that should be hardended☆198Jun 1, 2018Updated 7 years ago
- A modern Python-3-based alternative to RegRipper☆212Mar 31, 2025Updated last year
- YARA malware query accelerator (web frontend)☆437Feb 3, 2026Updated 2 months ago
- Yara matching in ElasticSearch.☆10Jun 12, 2018Updated 7 years ago
- Yet another way to find where to report an abuse☆31Jan 25, 2025Updated last year
- ☆28Mar 29, 2022Updated 4 years ago
- Lazy Office Analyzer☆121Feb 15, 2017Updated 9 years ago
- NordVPN Special Discount Offer • AdSave on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
- Set of ultra technical notes about AD☆18Jun 17, 2018Updated 7 years ago
- Remote process dumping automation. Use it to dump Windows credentials remotely and extract clear text with Mimikatz offline☆35Jan 3, 2020Updated 6 years ago
- Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.☆1,343Dec 13, 2022Updated 3 years ago
- Tools for DFIR☆122Jan 25, 2018Updated 8 years ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.☆939Dec 12, 2023Updated 2 years ago
- A Slack bot to add security info to messages containing URLs, hashes and IPs☆71Aug 28, 2024Updated last year
- Automated deployment of Windows and Active Directory test lab networks. Useful for red and blue teams.☆492Feb 16, 2019Updated 7 years ago
- Kirjuri is a web application for managing cases and physical forensic evidence items.☆108May 7, 2021Updated 4 years ago
- Queries to parse sysmon event log file with microsoft logparser☆58Mar 31, 2015Updated 11 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- ☆312Aug 14, 2020Updated 5 years ago
- A C# tool for enumerating remote access policies through group policy.☆73Apr 18, 2019Updated 6 years ago
- A rewrite of mactime, a bodyfile reader☆40Aug 5, 2024Updated last year
- CASCADE Server☆274Dec 8, 2022Updated 3 years ago
- An agent that performs user actions on a workstation☆13Jan 22, 2018Updated 8 years ago
- certstream + analytics☆11Jan 17, 2020Updated 6 years ago
- LogViewer for viewing and searching large text files...☆427Jul 3, 2019Updated 6 years ago