Rust Windows EDR (user-mode, no driver): ETW → Sysmon-style normalization → Sigma/Yara/IOC detection → ECS NDJSON alerts.
☆98 · Mar 4, 2026 · Updated 3 weeks ago
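The one-line description above is the whole shape of the tool: an ETW event is renamed into Sysmon-style fields so that existing Sigma rules apply unchanged, the rules are evaluated, and each hit is written as one ECS-shaped JSON object per line. The Rust below is an added example that walks that shape end to end on constructed input; it is not rustinel's code and does not use its types. The provider and property names, the Sigma-style rule and its placeholder id, the three sample events, and the mapping of Sigma levels onto ECS `event.severity` are all assumptions made for the example. Only the standard library is used.

```rust
// Added example, not rustinel's code: a toy end-to-end run of the pipeline shape
// ETW-style event -> Sysmon-style normalization -> Sigma-style rule -> ECS NDJSON alert.
// Provider/property names, the rule and the sample events are constructed for illustration.
use std::collections::BTreeMap;

/// Raw ETW-style event: provider, task name and flat string properties (constructed shape).
pub struct RawEtwEvent { pub provider: &'static str, pub task: &'static str, pub props: Vec<(&'static str, String)> }
/// Sysmon-style normalized event; EventID 1 carries Sysmon's process-create field names.
pub struct SysmonEvent { pub event_id: u32, pub fields: BTreeMap<String, String> }
#[allow(dead_code)]
#[derive(Clone, Copy)]
pub enum Modifier { Equals, Contains, StartsWith, EndsWith }
/// One Sigma selection entry, `field|modifier: [values]`; listed values are OR-ed.
pub struct Condition { pub field: &'static str, pub modifier: Modifier, pub values: Vec<&'static str> }
/// Subset of a Sigma rule: logsource category plus one selection whose entries are AND-ed.
pub struct SigmaRule { pub id: &'static str, pub title: &'static str, pub level: &'static str,
                       pub category: &'static str, pub selection: Vec<Condition> }

/// Map an assumed Kernel-Process "ProcessStart" event onto Sysmon EID 1 names; anything else is dropped.
pub fn normalize(ev: &RawEtwEvent) -> Option<SysmonEvent> {
    if ev.provider != "Microsoft-Windows-Kernel-Process" || ev.task != "ProcessStart" { return None; }
    let get = |k: &str| ev.props.iter().find(|(n, _)| *n == k).map(|(_, v)| v.clone());
    let mut fields: BTreeMap<String, String> = BTreeMap::new();
    fields.insert("Image".into(), get("ImageName")?);        // required: no image path, no EID 1
    fields.insert("ProcessId".into(), get("ProcessID")?);
    fields.insert("CommandLine".into(), get("CommandLine").unwrap_or_default());
    fields.insert("ParentProcessId".into(), get("ParentProcessID").unwrap_or_default());
    Some(SysmonEvent { event_id: 1, fields })
}

/// Sigma matching: case-insensitive; every selection entry must hold, any listed value may match.
pub fn rule_matches(rule: &SigmaRule, ev: &SysmonEvent) -> bool {
    if rule.category == "process_creation" && ev.event_id != 1 { return false; }
    rule.selection.iter().all(|c| {
        let actual = match ev.fields.get(c.field) { Some(v) => v.to_lowercase(), None => return false };
        c.values.iter().any(|v| {
            let want = v.to_lowercase();
            match c.modifier {
                Modifier::Equals => actual == want,
                Modifier::Contains => actual.contains(want.as_str()),
                Modifier::StartsWith => actual.starts_with(want.as_str()),
                Modifier::EndsWith => actual.ends_with(want.as_str()),
            }
        })
    })
}

/// JSON string literal with escaping: Windows paths and command lines are full of backslashes and quotes.
pub fn json_str(s: &str) -> String {
    let mut out = String::from("\"");
    for ch in s.chars() {
        match ch {
            '"' => out.push_str("\\\""),
            '\\' => out.push_str("\\\\"),
            '\n' => out.push_str("\\n"),
            '\r' => out.push_str("\\r"),
            '\t' => out.push_str("\\t"),
            c if (c as u32) < 0x20 => out.push_str(&format!("\\u{:04x}", c as u32)),
            c => out.push(c),
        }
    }
    out + "\""
}

fn field<'a>(ev: &'a SysmonEvent, k: &str) -> &'a str { ev.fields.get(k).map(String::as_str).unwrap_or("") }

/// One ECS-shaped alert as a single NDJSON line (no embedded newlines, so it streams through Filebeat/jq).
pub fn ecs_alert(rule: &SigmaRule, ev: &SysmonEvent, ts: &str, host: &str) -> String {
    let (pid, ppid): (u64, u64) =
        (field(ev, "ProcessId").parse().unwrap_or(0), field(ev, "ParentProcessId").parse().unwrap_or(0));
    // event.severity is vendor-defined in ECS; mapping Sigma levels onto 1..4 is an assumption here.
    let sev = match rule.level { "critical" => 4, "high" => 3, "medium" => 2, _ => 1 };
    format!(
        "{{\"@timestamp\":{},\"event\":{{\"kind\":\"alert\",\"category\":[\"process\"],\"type\":[\"start\"],\"severity\":{}}},\
         \"host\":{{\"name\":{}}},\"process\":{{\"pid\":{},\"executable\":{},\"command_line\":{},\"parent\":{{\"pid\":{}}}}},\
         \"rule\":{{\"id\":{},\"name\":{}}}}}",
        json_str(ts), sev, json_str(host), pid, json_str(field(ev, "Image")), json_str(field(ev, "CommandLine")),
        ppid, json_str(rule.id), json_str(rule.title))
}

/// Normalize every raw event, evaluate every rule against it, emit one NDJSON line per hit.
pub fn run_pipeline(events: &[RawEtwEvent], rules: &[SigmaRule], host: &str, ts: &str) -> Vec<String> {
    let mut alerts = Vec::new();
    for ev in events.iter().filter_map(normalize) {
        alerts.extend(rules.iter().filter(|r| rule_matches(r, &ev)).map(|r| ecs_alert(r, &ev, ts, host)));
    }
    alerts
}

fn mk(task: &'static str, props: &[(&'static str, &str)]) -> RawEtwEvent {
    RawEtwEvent { provider: "Microsoft-Windows-Kernel-Process", task,
                  props: props.iter().map(|(k, v)| (*k, v.to_string())).collect() }
}
/// Constructed sample events: an encoded-PowerShell launch, a benign notepad launch, and a ProcessStop.
pub fn sample_events() -> Vec<RawEtwEvent> {
    vec![
        mk("ProcessStart", &[("ImageName", r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"),
            ("CommandLine", r#"powershell.exe -nop -w hidden -enc "SQBFAFgA""#), ("ProcessID", "4242"), ("ParentProcessID", "1337")]),
        mk("ProcessStart", &[("ImageName", r"C:\Windows\System32\notepad.exe"),
            ("CommandLine", "notepad.exe notes.txt"), ("ProcessID", "5150"), ("ParentProcessID", "1337")]),
        mk("ProcessStop", &[("ProcessID", "4242")]),
    ]
}
/// Constructed Sigma-style rule; the id is a placeholder, not a real SigmaHQ rule id.
pub fn sample_rules() -> Vec<SigmaRule> {
    vec![SigmaRule { id: "00000000-0000-4000-8000-000000000001", title: "Encoded PowerShell Command Line",
        level: "high", category: "process_creation", selection: vec![
            Condition { field: "Image", modifier: Modifier::EndsWith, values: vec![r"\powershell.exe", r"\pwsh.exe"] },
            Condition { field: "CommandLine", modifier: Modifier::Contains, values: vec![" -enc ", " -encodedcommand "] },
        ] }]
}

fn main() {
    for line in run_pipeline(&sample_events(), &sample_rules(), "ws01", "2026-03-04T12:00:00Z") { println!("{}", line); }
}
```

Running it prints one line, the alert for the encoded PowerShell launch; the notepad launch fails the rule and the ProcessStop is dropped at normalization. Two details carry the practical weight: the normalization step is the only place that knows the ETW schema, so rules keep using Sysmon field names, and the alert writer escapes backslashes and quotes and never emits a newline, which is what makes the output valid NDJSON rather than something a downstream shipper will split mid-object.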
Alternatives and similar repositories for rustinel
Users interested in rustinel are comparing it to the repositories listed below.
- PoC exploit for the vulnerable driver (eb.sys or UnknownKiller.sys), weaponized to kill protected EDR/AV processes via BYOVD. ☆62 · Feb 27, 2026 · Updated 3 weeks ago
- Scripts for ready-to-use Velociraptor instance deployment in Azure ☆14 · Jun 27, 2023 · Updated 2 years ago
- Tools for attacking Computer Use Agents ☆27 · Jan 16, 2026 · Updated 2 months ago
- Packet Monkey is a tool to filter and classify PCAPs using Wireshark filters ☆11 · Feb 27, 2026 · Updated 3 weeks ago
- We took PersistenceSniper, merged it with Python, and misspelled it on purpose. Meet PyrsistenceSniper. ☆69 · Updated this week
- The GDPR-compliant Privacy Policy template/sample provided at https://gdpr.eu, adapted into markdown format. ☆13 · May 25, 2021 · Updated 4 years ago
- kunkillable is an LKM that makes userland processes unkillable. ☆16 · Sep 26, 2020 · Updated 5 years ago
- Tools and scripts to deploy and manage OpenRelik instances ☆16 · Mar 3, 2026 · Updated 3 weeks ago
- Bring Your Own Mitre Att&ck © Matrix! ☆13 · Oct 19, 2023 · Updated 2 years ago
- An implementation of a Windows Event Collector server running on GNU/Linux. ☆94 · Jan 27, 2026 · Updated last month
- pySigma Elasticsearch backend ☆65 · Mar 16, 2026 · Updated last week
- TTPMapper is an AI-driven threat intelligence parser that converts unstructured reports, whether from web URLs or PDF files, into structure… ☆51 · Jun 21, 2025 · Updated 9 months ago
- DorkTerm is a terminal-themed web-based security tool designed to assist security researchers in performing Google Dork queries efficient… ☆15 · Jan 25, 2026 · Updated 2 months ago
- My try to implement a virtual CPU in C ☆19 · Nov 18, 2023 · Updated 2 years ago
- Knowing which rule should trigger according to the Red Canary test ☆11 · Nov 23, 2024 · Updated last year
- Offensive Assembly code snippets. ☆13 · Jul 12, 2023 · Updated 2 years ago
- vBrowser is a secure, containerized browser platform designed for covert web investigations. Originally created to support deep and dark … ☆20 · Feb 24, 2026 · Updated last month
- Threat feeds designed to extract adversarial TTPs and IOCs, using: ✨AI✨ ☆69 · Updated this week
- Collection of links related to using and improving WinDbg ☆20 · Jun 17, 2018 · Updated 7 years ago
- Detection Rule License (DRL) ☆21 · Dec 27, 2024 · Updated last year
- Quick ESXi Log Parser ☆30 · Oct 20, 2025 · Updated 5 months ago
- MCP to help defenders detection-engineer harder and smarter ☆340 · Mar 5, 2026 · Updated 2 weeks ago
- Suricata rules for SCADA ☆16 · Jun 4, 2022 · Updated 3 years ago
- sKaleQL is an opinionated template repository for managing, executing, and organizing Kusto Query Language (KQL) queries against Azure Lo… ☆19 · May 20, 2025 · Updated 10 months ago
- A Rust library for parsing and evaluating Sigma rules ☆19 · Nov 26, 2025 · Updated 3 months ago
- Script to parse a Process Monitor XML log file and give you a summary report. ☆23 · May 4, 2016 · Updated 9 years ago
- Nakamoto is a 2-layer encryption tool to protect your data and your cryptocurrency ☆15 · Nov 13, 2025 · Updated 4 months ago
- Threat Hunting Malware Infrastructure ☆11 · Dec 3, 2023 · Updated 2 years ago
- The home of the SDDLMaker ☆28 · Jan 13, 2025 · Updated last year
- A Security Operations playbook to assist blue teamers from day-to-day tasks to Digital Forensics and Incident Response (DFIR) activities. ☆22 · Mar 18, 2026 · Updated last week
- QRadar AQL backend for converting Sigma rules to QRadar AQL queries ☆14 · Sep 18, 2025 · Updated 6 months ago
- Blog series on DevOps ☆13 · Oct 19, 2023 · Updated 2 years ago
- A framework and taxonomy for identifying, classifying, and reasoning about detection logic bugs in SIEM, EDR, and XDR rules, with concret… ☆45 · Mar 5, 2026 · Updated 2 weeks ago
- This tool parses Microsoft Protection logs to provide relevant data to forensic analysts during incident response. ☆21 · Sep 30, 2022 · Updated 3 years ago
- Search an entire directory of .eml email files for a word or phrase... in over 100 languages. ☆12 · Feb 28, 2023 · Updated 3 years ago