A list of RMMs designed to be used in automation to build alerts
☆117Nov 9, 2025Updated 4 months ago
Alternatives and similar repositories for RMML
Users that are interested in RMML are comparing it to the libraries listed below
Sorting:
- Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations☆102Aug 15, 2025Updated 7 months ago
- ☆105Jul 5, 2025Updated 8 months ago
- Powershell Scripts for Blue Team members☆11Dec 1, 2023Updated 2 years ago
- ☆12Updated this week
- ☆74Apr 8, 2024Updated last year
- A repository of my own Sigma detection rules.☆163Nov 25, 2025Updated 3 months ago
- A collection of tools, scripts and personal research☆157Feb 2, 2026Updated last month
- A C# based tool for analysing malicious OneNote documents☆117Apr 4, 2023Updated 2 years ago
- A repository to share publicly available Velociraptor detection content☆196Updated this week
- Force-Directed Graph Generator for Volatility Ouputs☆26Mar 3, 2019Updated 7 years ago
- A tool that adds reproducible UUIDs to YARA rules☆13Apr 24, 2024Updated last year
- Scan websites CSP policies and visualise their vunlnerabilities from a dashboard☆13Mar 11, 2025Updated last year
- A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID☆581Dec 6, 2025Updated 3 months ago
- Alternative YARA scanning engine☆73Aug 23, 2022Updated 3 years ago
- Using Microsoft 365 App Passwords for persistence☆23Sep 2, 2020Updated 5 years ago
- information about ransomware groups (Ransomware Analysis Notes)☆41Dec 26, 2023Updated 2 years ago
- PowerShell ETW consumer module☆31May 21, 2025Updated 10 months ago
- ☆22Mar 4, 2025Updated last year
- ShellSweeping the evil.☆53Jun 18, 2024Updated last year
- ☆78Sep 29, 2025Updated 5 months ago
- FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is de…☆818Mar 6, 2026Updated 2 weeks ago
- A zero dependency and customizable Python library for scanning Windows and Linux process memory.☆66Feb 1, 2024Updated 2 years ago
- ☆54May 14, 2024Updated last year
- A collection of Tools and Rules for decoding Brute Ratel C4 badgers☆66Jul 7, 2022Updated 3 years ago
- This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.☆92Aug 30, 2024Updated last year
- Microsoft GPO Readiness Lateral Movement Detection Tool☆16Dec 8, 2022Updated 3 years ago
- Active C&C Detector☆156Oct 5, 2023Updated 2 years ago
- System Call Integrity Layer - experimental security research☆25Jan 31, 2026Updated last month
- Rules generated from our investigations.☆204Jun 17, 2025Updated 9 months ago
- ☆253Jun 7, 2025Updated 9 months ago
- Various commands, tools, techniques that you can use to examine live Windows systems for signs of Compromise or for Threat Hunting.Can al…☆15Aug 15, 2022Updated 3 years ago
- This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.☆114Nov 19, 2024Updated last year
- Simple and sane cryptographic wrapper library.☆27Apr 21, 2023Updated 2 years ago
- A basic Terraform configuration for provisioning simple red team infrastructure in DigitalOcean☆12May 5, 2021Updated 4 years ago
- Detection Engineering with YARA☆87Jan 6, 2024Updated 2 years ago
- This project aims to compare and evaluate the telemetry of various EDR products.☆1,931Jan 20, 2026Updated 2 months ago
- Awesome Security lists for SOC/CERT/CTI☆1,287Updated this week
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).☆806Jan 14, 2026Updated 2 months ago
- Python C2 with JScript Implant☆15Nov 15, 2023Updated 2 years ago