Open-source cross-platform endpoint detection engine for Windows, macOS, and Linux using ETW, ESF, eBPF, Sigma, YARA, IOCs, and ECS NDJSON alerts.
☆377Jun 15, 2026Updated this week
Alternatives and similar repositories for rustinel
Users that are interested in rustinel are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- TTPMapper is an AI-driven threat intelligence parser that converts unstructured reports whether from web URLs or PDF files into structure…☆54Jun 21, 2025Updated 11 months ago
- Scripts to for ready-to-use Velociraptor instance deployment in Azure☆14Jun 27, 2023Updated 2 years ago
- Tools for attacking Computer Use Agents☆32Jan 16, 2026Updated 4 months ago
- Packet Monkey is a tool to filter and classify PCAPs using Wireshark filters☆11Feb 27, 2026Updated 3 months ago
- Yet another fseventsd parser for macOS forensics☆12Jul 20, 2024Updated last year
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- ☆207May 10, 2026Updated last month
- A script designed to test passwords against user accounts within an Active Directory environment, offering customizable Account Lockout T…☆17Jan 28, 2026Updated 4 months ago
- An npm package for extracting common IoC (Indicator of Compromise) from a block of text☆63Updated this week
- kunkillable is an LKM that makes userland processes unkillable.☆17Sep 26, 2020Updated 5 years ago
- Tools and scripts to deploy and manage OpenRelik instances☆17Mar 23, 2026Updated 2 months ago
- Repository for Ludus french templates☆26Mar 1, 2026Updated 3 months ago
- Bring Your Own Mitre Att&ck © Matrix !☆13Oct 19, 2023Updated 2 years ago
- PowerShell-based Windows Server Security Audit Engine by Cyb3rint3l Labs. Measures alignment with the NIS2 directive and maps findings to…☆46Feb 1, 2026Updated 4 months ago
- pySigma Elasticsearch backend☆69Jun 2, 2026Updated 2 weeks ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- An implementation of a Windows Event Collector server running on GNU/Linux.☆97Jan 27, 2026Updated 4 months ago
- ☆23Mar 12, 2025Updated last year
- Full of public notes and Utilities☆133Jan 6, 2026Updated 5 months ago
- Jupyter Notebooks for Cyber Threat Intelligence☆35Sep 14, 2023Updated 2 years ago
- Sigma detection rules for hunting with the threathunting-keywords project☆60Mar 2, 2025Updated last year
- DorkTerm is a terminal-themed web-based security tool designed to assist security researchers in performing Google Dork queries efficient…☆16Jan 25, 2026Updated 4 months ago
- Alternative password shadowing scheme☆10May 29, 2026Updated 2 weeks ago
- ☆11Feb 9, 2023Updated 3 years ago
- My try to implement a virtual CPU in C☆19Nov 18, 2023Updated 2 years ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- A little tool to filter the stranger strings from a binary so you can analyze the good ones☆54Sep 11, 2025Updated 9 months ago
- Knowing which rule should trigger according to the redcannary test☆11Nov 23, 2024Updated last year
- Offensive Assembly code snippets.☆13Jul 12, 2023Updated 2 years ago
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆822May 30, 2026Updated 2 weeks ago
- A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. P…☆27Jan 2, 2023Updated 3 years ago
- vBrowser is a secure, containerized browser platform designed for covert web investigations. Originally created to support deep and dark …☆22Feb 24, 2026Updated 3 months ago
- This repository contains OpenIOC rules to aid in hunting for indicators of compromise and TTPs focused on Advanced Persistent Threat grou…☆26Oct 3, 2023Updated 2 years ago
- collection of links related to using and improving windbg☆20Jun 17, 2018Updated 7 years ago
- Threat feeds designed to extract adversarial TTPs and IOCs, using: ✨AI✨☆72Updated this week
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- 🌌 Real-time threat detection for smart contracts☆10May 16, 2023Updated 3 years ago
- Detection Rule License (DRL)☆21Dec 27, 2024Updated last year
- Quick ESXi Log Parser☆33Oct 20, 2025Updated 7 months ago
- ☆15Feb 5, 2021Updated 5 years ago
- Event Query Router☆12Aug 9, 2019Updated 6 years ago
- Suricata rules for SCADA☆16Jun 4, 2022Updated 4 years ago
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"☆11Feb 6, 2025Updated last year