Alternatives and similar repositories for Raccine

Users that are interested in Raccine are comparing it to the libraries listed below

• trustedsec / SysmonCommunityGuide
  TrustedSec Sysinternals Sysmon Community Guide
  ☆1,220Updated last year
• mandiant / ThreatPursuit-VM
  Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysi…
  ☆1,270Updated 2 years ago
• olafhartong / sysmon-cheatsheet
  All sysmon event types and their fields explained
  ☆551Updated 3 years ago
• Neo23x0 / munin
  Online hash checker for Virustotal and other services
  ☆825Updated 2 months ago
• GossiTheDog / ThreatHunting
  Tools for hunting for threats.
  ☆583Updated last month
• Yamato-Security / WELA-deprecated
  WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅（ウェラ）
  ☆783Updated 2 years ago
• ION28 / BLUESPAWN
  An Active Defense and EDR software to empower Blue Teams
  ☆1,277Updated last year
• Neo23x0 / sysmon-config
  Sysmon configuration file template with default high-quality event tracing
  ☆486Updated last year
• mdecrevoisier / Microsoft-eventlog-mindmap
  Set of Mindmaps providing a detailed overview of the different #Microsoft auditing capacities for Windows, Exchange, Azure,...
  ☆1,078Updated 9 months ago
• 0x6d69636b / windows_hardening
  HardeningKitty and Windows Hardening Settings
  ☆2,467Updated this week
• sophoslabs / IoCs
  Sophos-originated indicators-of-compromise from published reports
  ☆594Updated last week
• DFIR-ORC / dfir-orc
  Forensics artefact collection tool for systems running Microsoft Windows
  ☆414Updated 2 months ago
• olafhartong / sysmon-modular
  A repository of sysmon configuration modules
  ☆2,788Updated 9 months ago
• orlikoski / CyLR
  CyLR - Live Response Collection Tool
  ☆680Updated 3 years ago
• MarkBaggett / srum-dump
  A forensics tool to convert the data in the Windows srum (System Resource Usage Monitor) database to an xlsx spreadsheet.
  ☆680Updated this week
• keydet89 / RegRipper3.0
  RegRipper3.0
  ☆612Updated 5 months ago
• ScarredMonk / SysmonSimulator
  Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detection…
  ☆852Updated 3 years ago
• nshalabi / SysmonTools
  Utilities for Sysmon
  ☆1,527Updated 3 months ago
• cisagov / Sparrow
  Sparrow.ps1 was created by CISA's Cloud Forensics team to help detect possible compromised accounts and applications in the Azure/m365 en…
  ☆1,423Updated 2 years ago
• PlumHound / PlumHound
  Bloodhound Reporting for Blue and Purple Teams
  ☆1,199Updated 3 months ago
• sans-blue-team / DeepBlueCLI
  ☆2,281Updated last year
• cyb3rfox / Aurora-Incident-Response
  Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
  ☆908Updated last year
• AndrewRathbun / DFIRMindMaps
  A repository of DFIR-related Mind Maps geared towards the visual learners!
  ☆525Updated 2 years ago
• mandiant / sunburst_countermeasures
  ☆560Updated 2 years ago
• mitre-attack / attack-arsenal
  A collection of red team and adversary emulation resources developed and released by MITRE.
  ☆512Updated 4 years ago
• MichaelKoczwara / Awesome-CobaltStrike-Defence
  Defences against Cobalt Strike
  ☆1,285Updated 2 years ago
• davehull / Kansa
  A Powershell incident response framework
  ☆1,605Updated 2 years ago
• last-byte / PersistenceSniper
  Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows…
  ☆1,995Updated 5 months ago
• scipag / HardeningKitty
  HardeningKitty - Checks and hardens your Windows configuration
  ☆1,489Updated 5 months ago
• alexandreborges / malwoverview
  Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Po…
  ☆3,211Updated 4 months ago