Rustinel is an open-source endpoint detection runtime for Windows and Linux. It collects native telemetry from ETW and eBPF, normalizes events into Sysmon-style fields, evaluates Sigma, YARA, and IOC detections, and emits ECS-compatible NDJSON alerts.
☆134 · Apr 25, 2026 · Updated last week
Alternatives and similar repositories for rustinel
Users interested in rustinel are comparing it to the repositories listed below.
- Scripts for ready-to-use Velociraptor instance deployment in Azure ☆14 · Jun 27, 2023 · Updated 2 years ago
- Detect drift. Defend cloud. ☆36 · Feb 21, 2026 · Updated 2 months ago
- Repository for Ludus French templates ☆24 · Mar 1, 2026 · Updated 2 months ago
- A script designed to test passwords against user accounts within an Active Directory environment, offering customizable Account Lockout T… ☆17 · Jan 28, 2026 · Updated 3 months ago
- kunkillable is an LKM that makes userland processes unkillable. ☆17 · Sep 26, 2020 · Updated 5 years ago
- Tools and scripts to deploy and manage OpenRelik instances ☆16 · Mar 23, 2026 · Updated last month
- Bring Your Own Mitre Att&ck © Matrix! ☆13 · Oct 19, 2023 · Updated 2 years ago
- PowerShell-based Windows Server Security Audit Engine by Cyb3rint3l Labs. Measures alignment with the NIS2 directive and maps findings to… ☆44 · Feb 1, 2026 · Updated 3 months ago
- pySigma Elasticsearch backend ☆65 · Apr 23, 2026 · Updated last week
- An implementation of a Windows Event Collector server running on GNU/Linux. ☆95 · Jan 27, 2026 · Updated 3 months ago
- OAuth 2.0 provider written in Python. Can work without a database. ☆19 · Apr 26, 2023 · Updated 3 years ago
- ☆24 · Mar 12, 2025 · Updated last year
- TTPMapper is an AI-driven threat intelligence parser that converts unstructured reports, whether from web URLs or PDF files, into structure… ☆53 · Jun 21, 2025 · Updated 10 months ago
- Jupyter Notebooks for Cyber Threat Intelligence ☆35 · Sep 14, 2023 · Updated 2 years ago
- DorkTerm is a terminal-themed web-based security tool designed to assist security researchers in performing Google Dork queries efficient… ☆15 · Jan 25, 2026 · Updated 3 months ago
- Convert Sigma rules to SIEM queries, directly in your browser. ☆114 · Apr 18, 2026 · Updated 2 weeks ago
- My attempt at implementing a virtual CPU in C ☆19 · Nov 18, 2023 · Updated 2 years ago
- Knowing which rule should trigger according to the Red Canary test ☆11 · Nov 23, 2024 · Updated last year
- Offensive Assembly code snippets. ☆13 · Jul 12, 2023 · Updated 2 years ago
- A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. P… ☆27 · Jan 2, 2023 · Updated 3 years ago
- vBrowser is a secure, containerized browser platform designed for covert web investigations. Originally created to support deep and dark … ☆20 · Feb 24, 2026 · Updated 2 months ago
- This repository contains all available resource property aliases for easy reference when creating Policy definitions. The data is periodi… ☆30 · Updated this week
- Threat feeds designed to extract adversarial TTPs and IOCs, using: ✨AI✨ ☆70 · Updated this week
- Detection Rule License (DRL) ☆21 · Dec 27, 2024 · Updated last year
- Quick ESXi Log Parser ☆31 · Oct 20, 2025 · Updated 6 months ago
- Rebuild of portspoof in Go with additional features. ☆30 · Apr 7, 2026 · Updated 3 weeks ago
- Suricata rules for SCADA ☆16 · Jun 4, 2022 · Updated 3 years ago
- A C project that generates usernames based on input lists and a format you decide yourself ☆11 · Jan 23, 2025 · Updated last year
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations" ☆11 · Feb 6, 2025 · Updated last year
- A Jupyter notebook to assist with the analysis of the output generated from the Volatility memory extraction framework. ☆97 · May 28, 2023 · Updated 2 years ago
- Fast memory tree storage structure for PHP ☆11 · Oct 28, 2015 · Updated 10 years ago
- Script to parse a Process Monitor XML log file and give you a summary report. ☆23 · May 4, 2016 · Updated 10 years ago
- sKaleQL is an opinionated template repository for managing, executing, and organizing Kusto Query Language (KQL) queries against Azure Lo… ☆20 · May 20, 2025 · Updated 11 months ago
- Nakamoto is a 2-layer encryption tool to protect your data and your cryptocurrency ☆16 · Updated this week
- A list of various eye- and head-tracking software, products, etc. ℹ️ This is just a push-mirror. We develop here: https://codeberg.org/ey… ☆21 · Apr 24, 2026 · Updated last week
- ☆202 · Feb 27, 2026 · Updated 2 months ago
- ☆22 · Jun 2, 2023 · Updated 2 years ago
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs ☆806 · Apr 6, 2026 · Updated 3 weeks ago
- The home of the SDDLMaker ☆29 · Jan 13, 2025 · Updated last year