Alternatives and similar repositories for Raccine

Users that are interested in Raccine are comparing it to the libraries listed below

• NextronSystems / APTSimulator

  View on GitHub
  A toolset to make a system look as if it was the victim of an APT attack
  ☆2,710Sep 23, 2025Updated 4 months ago
• Neo23x0 / munin

  View on GitHub
  Online hash checker for Virustotal and other services
  ☆845Mar 21, 2025Updated 10 months ago
• alexandreborges / malwoverview

  View on GitHub
  Malwoverview is a rapid response tool used to gather intelligence information from VirusTotal, Hybrid Analysis, URLHaus, Polyswarm, Malsh…
  ☆3,531Jan 20, 2026Updated 3 weeks ago
• trustedsec / SysmonCommunityGuide

  View on GitHub
  TrustedSec Sysinternals Sysmon Community Guide
  ☆1,363Dec 15, 2025Updated last month
• davehull / Kansa

  View on GitHub
  A Powershell incident response framework
  ☆1,637Nov 22, 2022Updated 3 years ago
• ION28 / BLUESPAWN

  View on GitHub
  An Active Defense and EDR software to empower Blue Teams
  ☆1,314Aug 10, 2023Updated 2 years ago
• Neo23x0 / Loki

  View on GitHub
  Loki - Simple IOC and YARA Scanner
  ☆3,715Jan 12, 2026Updated last month
• nshalabi / SysmonTools

  View on GitHub
  Utilities for Sysmon
  ☆1,569Sep 21, 2025Updated 4 months ago
• ScarredMonk / SysmonSimulator

  View on GitHub
  Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detection…
  ☆861Jan 20, 2022Updated 4 years ago
• sbousseaden / EVTX-ATTACK-SAMPLES

  View on GitHub
  Windows Events Attack Samples
  ☆2,502Jan 24, 2023Updated 3 years ago
• JPCERTCC / LogonTracer

  View on GitHub
  Investigate malicious Windows logon by visualizing and analyzing Windows event log
  ☆3,049Oct 19, 2025Updated 3 months ago
• Velocidex / velociraptor

  View on GitHub
  Digging Deeper....
  ☆3,747Feb 5, 2026Updated last week
• OTRF / Security-Datasets

  View on GitHub
  Re-play Security Events
  ☆1,723Mar 20, 2024Updated last year
• ion-storm / sysmon-edr

  View on GitHub
  Sysmon EDR POC Build within Powershell to prove ability.
  ☆226May 1, 2021Updated 4 years ago
• SigmaHQ / sigma

  View on GitHub
  Main Sigma Rule Repository
  ☆10,109Updated this week
• olafhartong / sysmon-modular

  View on GitHub
  A repository of sysmon configuration modules
  ☆2,968Aug 21, 2024Updated last year
• rabobank-cdc / DeTTECT

  View on GitHub
  Detect Tactics, Techniques & Combat Threats
  ☆2,263Jan 21, 2026Updated 3 weeks ago
• clong / DetectionLab

  View on GitHub
  Automate the creation of a lab environment complete with security tooling and logging best practices
  ☆4,901Jul 6, 2024Updated last year
• target / halogen

  View on GitHub
  Automatically create YARA rules from malicious documents.
  ☆212May 16, 2022Updated 3 years ago
• MichaelKoczwara / Awesome-CobaltStrike-Defence

  View on GitHub
  Defences against Cobalt Strike
  ☆1,293Jul 14, 2022Updated 3 years ago
• ComodoSecurity / openedr

  View on GitHub
  Open EDR public repository
  ☆2,604Jan 13, 2024Updated 2 years ago
• gtworek / PSBits

  View on GitHub
  Simple (relatively) things allowing you to dig a bit deeper than usual.
  ☆3,459Feb 3, 2026Updated last week
• hasherezade / hollows_hunter

  View on GitHub
  Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks,…
  ☆2,310Oct 31, 2025Updated 3 months ago
• JPCERTCC / SysmonSearch

  View on GitHub
  Investigate suspicious activity by visualizing Sysmon's event log
  ☆431Dec 22, 2023Updated 2 years ago
• DissectMalware / XLMMacroDeobfuscator

  View on GitHub
  Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)
  ☆587May 5, 2024Updated last year
• WithSecureLabs / chainsaw

  View on GitHub
  Rapidly Search and Hunt through Windows Forensic Artefacts
  ☆3,440Oct 12, 2025Updated 4 months ago
• NextronSystems / ransomware-simulator

  View on GitHub
  Ransomware simulator written in Golang
  ☆471Jun 30, 2022Updated 3 years ago
• Mr-Un1k0d3r / EDRs

  View on GitHub
  ☆2,169Feb 21, 2023Updated 2 years ago
• mandiant / capa

  View on GitHub
  The FLARE team's open-source tool to identify capabilities in executable files.
  ☆5,813Feb 5, 2026Updated last week
• Neo23x0 / signature-base

  View on GitHub
  YARA signature and IOC database for my scanners and tools
  ☆2,864Feb 5, 2026Updated last week
• bats3c / shad0w

  View on GitHub
  A post exploitation framework designed to operate covertly on heavily monitored environments
  ☆2,169Sep 29, 2021Updated 4 years ago
• redcanaryco / atomic-red-team

  View on GitHub
  Small and highly portable detection tests based on MITRE's ATT&CK.
  ☆11,570Updated this week
• SwiftOnSecurity / sysmon-config

  View on GitHub
  Sysmon configuration file template with default high-quality event tracing
  ☆5,379Jul 3, 2024Updated last year
• hasherezade / pe-sieve

  View on GitHub
  Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-mem…
  ☆3,550Oct 31, 2025Updated 3 months ago
• advanced-threat-research / Yara-Rules

  View on GitHub
  Repository of YARA rules made by Trellix ATR Team
  ☆625Mar 18, 2025Updated 10 months ago
• OTRF / ThreatHunter-Playbook

  View on GitHub
  A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…
  ☆4,475Jan 12, 2026Updated last month
• intelowlproject / IntelOwl

  View on GitHub
  IntelOwl: manage your Threat Intelligence at scale
  ☆4,445Feb 7, 2026Updated last week
• optiv / ScareCrow

  View on GitHub
  ScareCrow - Payload creation framework designed around EDR bypass.
  ☆2,869Aug 18, 2023Updated 2 years ago
• cisagov / Sparrow

  View on GitHub
  Sparrow.ps1 was created by CISA's Cloud Forensics team to help detect possible compromised accounts and applications in the Azure/m365 en…
  ☆1,432Dec 27, 2022Updated 3 years ago