Rust Windows EDR (user-mode, no driver): ETW → Sysmon-style normalization → Sigma/Yara/IOC detection → ECS NDJSON alerts.
☆64 · Feb 15, 2026 · Updated 2 weeks ago
Alternatives and similar repositories for rustinel
Users that are interested in rustinel are comparing it to the libraries listed below
- Scripts for ready-to-use Velociraptor instance deployment in Azure ☆14 · Jun 27, 2023 · Updated 2 years ago
- Tools and scripts to deploy and manage OpenRelik instances ☆16 · Updated this week
- Search for Common Platform Enumeration (CPE) strings using software names and titles. ☆24 · Feb 12, 2026 · Updated 2 weeks ago
- My attempt to implement a virtual CPU in C ☆19 · Nov 18, 2023 · Updated 2 years ago
- Collection of links related to using and improving WinDbg ☆20 · Jun 17, 2018 · Updated 7 years ago
- A batch detection script that queries a dark search engine to find hosts affected by this deserialization vulnerability ☆11 · Feb 23, 2023 · Updated 3 years ago
- Quick ESXi Log Parser ☆29 · Oct 20, 2025 · Updated 4 months ago
- Repository of tools, YARA rules, and code snippets from Stairwell's research team. ☆23 · Jan 31, 2024 · Updated 2 years ago
- Firebase Domain Front Code ☆21 · May 4, 2021 · Updated 4 years ago
- An npm package for extracting common IoCs (Indicators of Compromise) from a block of text ☆59 · Oct 5, 2025 · Updated 4 months ago
- OSSEM Data Dictionaries ☆65 · Jan 22, 2025 · Updated last year
- Takajō (鷹匠) is a Hayabusa results analyzer. ☆151 · Feb 23, 2026 · Updated last week
- A sensor for retrieving information about upcoming tides ☆12 · Jan 27, 2026 · Updated last month
- Offline amnesic live Linux distribution ☆14 · Mar 8, 2025 · Updated 11 months ago
- TAXII 2.0 Server implemented in Node.js with a MongoDB backend ☆12 · Jan 3, 2023 · Updated 3 years ago
- Jupyter Notebooks for Cyber Threat Intelligence ☆35 · Sep 14, 2023 · Updated 2 years ago
- MCP to help defenders and detection engineers work harder and smarter ☆252 · Updated this week
- A wrapper around Windows that explicitly calls the lowest-level APIs possible ☆14 · Jan 19, 2023 · Updated 3 years ago
- QRadar AQL backend for converting Sigma rules to QRadar AQL queries ☆14 · Sep 18, 2025 · Updated 5 months ago
- L.I.A.M (Law-Enforcement Investigations and Asset Management) is an open source case management system for digital forensics labs. ☆13 · Jul 4, 2025 · Updated 8 months ago
- ScriptLibrary offers a suite of PowerShell scripts for the IT administrator seeking to automate routine tasks and optimize operational wo… ☆12 · Jan 13, 2026 · Updated last month
- Packet Monkey is a tool to filter and classify PCAPs using Wireshark filters ☆11 · Updated this week
- Google Chrome internals analysis using Volatility ☆42 · Nov 17, 2022 · Updated 3 years ago
- Function App solution to help with getting on-prem file shares and printers into modern management. ☆14 · Feb 3, 2023 · Updated 3 years ago
- A Jupyter notebook to assist with the analysis of the output generated by the Volatility memory extraction framework. ☆97 · May 28, 2023 · Updated 2 years ago
- Module to update the Krbtgt password ☆48 · Nov 10, 2023 · Updated 2 years ago
- An application that allows testing of SOAP implementations, with extra features targeting Exchange Web Services. It includes an HTTP lis… ☆10 · Jul 9, 2024 · Updated last year
- A C project that generates usernames based on input lists and a format you decide yourself ☆11 · Jan 23, 2025 · Updated last year
- IDA scripts that facilitate reverse engineering ☆16 · Aug 10, 2016 · Updated 9 years ago
- Template to detect some malware ☆14 · Aug 7, 2023 · Updated 2 years ago
- Standardizing Security Titles ☆13 · Dec 31, 2025 · Updated 2 months ago
- This MavLink_FrSkySPort repository is discontinued! The development has moved to Clooney82/MavLink_FrSkySPort where we work together on th… ☆16 · Aug 30, 2015 · Updated 10 years ago
- Silent Cleanup UAC Bypass POC ☆11 · Dec 15, 2019 · Updated 6 years ago
- Scripts which don't yet warrant their own repo ☆11 · Oct 31, 2018 · Updated 7 years ago