Open-source cross-platform endpoint detection engine for Windows, macOS, and Linux using ETW, ESF, eBPF, Sigma, YARA, IOCs, and ECS NDJSON alerts.
☆404Jul 6, 2026Updated this week
Alternatives and similar repositories for rustinel
Users that are interested in rustinel are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- TTPMapper is an AI-driven threat intelligence parser that converts unstructured reports whether from web URLs or PDF files into structure…☆55Jun 21, 2025Updated last year
- Scripts to for ready-to-use Velociraptor instance deployment in Azure☆14Jun 27, 2023Updated 3 years ago
- sKaleQL is an opinionated template repository for managing, executing, and organizing Kusto Query Language (KQL) queries against Azure Lo…☆20May 20, 2025Updated last year
- Tools for attacking Computer Use Agents☆32Jan 16, 2026Updated 5 months ago
- VolchockC2 is a custom-built Command & Control (C2) framework, currently under active development. Designed for red team operations and a…☆35Jul 31, 2025Updated 11 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Yet another fseventsd parser for macOS forensics☆12Jul 20, 2024Updated last year
- Detect drift. Defend cloud.☆37Feb 21, 2026Updated 4 months ago
- ☆10Jun 9, 2021Updated 5 years ago
- A script designed to test passwords against user accounts within an Active Directory environment, offering customizable Account Lockout T…☆17Jan 28, 2026Updated 5 months ago
- The GDPR-compliant Privacy Policy template/sample provided at https://gdpr.eu, adapted into markdown format.☆13May 25, 2021Updated 5 years ago
- An npm package for extracting common IoC (Indicator of Compromise) from a block of text☆63Jun 17, 2026Updated 2 weeks ago
- kunkillable is an LKM that makes userland processes unkillable.☆17Sep 26, 2020Updated 5 years ago
- Tools and scripts to deploy and manage OpenRelik instances☆17Mar 23, 2026Updated 3 months ago
- x64dbg Automate's Python Client - Easy Scriptable and Repeatable Debug Sessions☆45Updated this week
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Bring Your Own Mitre Att&ck © Matrix !☆13Oct 19, 2023Updated 2 years ago
- pySigma Elasticsearch backend☆71Jun 29, 2026Updated last week
- An implementation of a Windows Event Collector server running on GNU/Linux.☆98Jan 27, 2026Updated 5 months ago
- ☆23Mar 12, 2025Updated last year
- Full of public notes and Utilities☆134Jan 6, 2026Updated 6 months ago
- Sigma detection rules for hunting with the threathunting-keywords project☆60Mar 2, 2025Updated last year
- Jupyter Notebooks for Cyber Threat Intelligence☆35Sep 14, 2023Updated 2 years ago
- IDT HOOK KiPageFault test Modified from: github.com/kanren3/x64-IDT-HOOK☆18May 2, 2020Updated 6 years ago
- Alternative password shadowing scheme☆10Updated this week
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- A tool to dump informations about the caller of a function.☆14Oct 4, 2016Updated 9 years ago
- Convert Sigma rules to SIEM queries, directly in your browser.☆119Jun 20, 2026Updated 2 weeks ago
- ☆11Feb 9, 2023Updated 3 years ago
- A little tool to filter the stranger strings from a binary so you can analyze the good ones☆54Sep 11, 2025Updated 9 months ago
- Knowing which rule should trigger according to the redcannary test☆11Nov 23, 2024Updated last year
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆827May 30, 2026Updated last month
- A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. P…☆27Jan 2, 2023Updated 3 years ago
- vBrowser is a secure, containerized browser platform designed for covert web investigations. Originally created to support deep and dark …☆22Feb 24, 2026Updated 4 months ago
- This repository contains OpenIOC rules to aid in hunting for indicators of compromise and TTPs focused on Advanced Persistent Threat grou…☆26Oct 3, 2023Updated 2 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- collection of links related to using and improving windbg☆20Jun 17, 2018Updated 8 years ago
- Execute a command in the context of the desktop user☆13Aug 23, 2021Updated 4 years ago
- Threat feeds designed to extract adversarial TTPs and IOCs, using: ✨AI✨☆72Jun 17, 2026Updated 2 weeks ago
- 🌌 Real-time threat detection for smart contracts☆10May 16, 2023Updated 3 years ago
- Detection Rule License (DRL)☆21Dec 27, 2024Updated last year
- Quick ESXi Log Parser☆33Oct 20, 2025Updated 8 months ago
- Rebuild of portspoof in GO with additional features.☆32Apr 7, 2026Updated 2 months ago