Neo23x0 / Rewind
Immediate Virus Infection Counter Measures
☆62Updated 4 years ago
Alternatives and similar repositories for Rewind:
Users that are interested in Rewind are comparing it to the libraries listed below
- Random hunting ordiented yara rules☆95Updated 2 years ago
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆72Updated 3 years ago
- A YARA Rule Performance Measurement Tool☆59Updated last year
- Detect possible sysmon logging bypasses given a specific configuration☆108Updated 6 years ago
- See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)☆103Updated 2 years ago
- A repo to document API functions mapped to security events across diverse platforms☆75Updated 5 years ago
- ☆38Updated 3 years ago
- Automatically create YARA rules from malicious documents.☆211Updated 2 years ago
- evtx2json extracts events of interest from event logs, dedups them, and exports them to json.☆41Updated 3 years ago
- Simple yara rule manager☆66Updated 2 years ago
- TA505+ Adversary Simulation☆65Updated 4 years ago
- Carbon Black Response IR tool☆53Updated 4 years ago
- Yara Based Detection Engine for web browsers☆47Updated 3 years ago
- XOR Key Extractor☆50Updated 8 months ago
- Automatic detection engineering technical state compliance☆55Updated 9 months ago
- Python API for interacting with sigma rules.☆51Updated 2 years ago
- Neutering Sysmon via driver unload☆227Updated 2 years ago
- Browser Shortcuts for Cyber Security Related Online Services☆78Updated 4 years ago
- Pointer was developed for massive hunting and mapping Cobalt Strike servers exposed on the internet.☆65Updated 3 years ago
- Terraform script to deploy AD-based environment on Azure☆41Updated last year
- Visual Studio Code Microsoft Sysinternal Sysmon configuration file extension.☆51Updated last year
- Script for parsing Symantec Endpoint Protection logs, VBNs, and ccSubSDK database.☆64Updated 2 years ago
- A guide on how to write fast and memory friendly YARA rules☆142Updated 2 months ago
- Automated detection rule analysis utility☆29Updated 2 years ago
- Using Microsoft 365 App Passwords for persistence☆23Updated 4 years ago
- A repo to support the book☆107Updated 3 years ago
- Simple PowerShell script to enable process scanning with Yara.☆93Updated 2 years ago
- ☆53Updated 4 years ago
- A PowerShell incident response script for quick triage☆80Updated 2 years ago
- A collection of various tools for red-teaming exercises. A mix of C#, Powershell, & Python☆106Updated 8 months ago