Alternatives and similar repositories for exotron

Users that are interested in exotron are comparing it to the libraries listed below

• Neo23x0 / evt2sigma

  View on GitHub
  Log Entry to Sigma Rule Converter
  ☆108Mar 3, 2022Updated 3 years ago
• P4T12ICK / ypsilon

  View on GitHub
  Automated Use Case Testing
  ☆171May 1, 2018Updated 7 years ago
• wolfvan / YaraRET

  View on GitHub
  Carving tool based in Radare2 & Yara
  ☆16Oct 30, 2018Updated 7 years ago
• sk4la / plast

  View on GitHub
  Modular command-line threat hunting tool & framework.
  ☆17Jul 20, 2020Updated 5 years ago
• Neo23x0 / sysmon-version-history

  View on GitHub
  An Inofficial Sysmon Version History (Change Log)
  ☆33Oct 25, 2020Updated 5 years ago
• MotiBa / ProcessMonitorAnalyzeMalware

  View on GitHub
  Script to parse Process Monitor XML log file, and give you a summary report.
  ☆24May 4, 2016Updated 9 years ago
• mandiant / pivy-report

  View on GitHub
  Poison Ivy Appendix/Extras
  ☆18Aug 21, 2013Updated 12 years ago
• NextronSystems / thunderstorm-collector

  View on GitHub
  THOR Thunderstorm Collectors
  ☆25Updated this week
• DissectMalware / base64_substring

  View on GitHub
  Generate a Yara rule to find base64-encoded files containg a specific keyword
  ☆40Jul 13, 2018Updated 7 years ago
• AGDCservices / Misc-Malware-Analysis-Tools

  View on GitHub
  This repo contains miscellaneous tools to aid in your malware analysis.
  ☆13Mar 2, 2021Updated 4 years ago
• CyberDefenses / CDI_yara

  View on GitHub
  A collection of YARA rules for public use. Built from information in intelligence profiles, dossiers and file work.
  ☆20Sep 10, 2023Updated 2 years ago
• Invoke-IR / ACE

  View on GitHub
  Automated, Collection, and Enrichment Platform
  ☆324Nov 14, 2019Updated 6 years ago
• TKCERT / winnti-suricata-lua

  View on GitHub
  Suricata rules to detect Winnti communication
  ☆16Mar 5, 2018Updated 7 years ago
• nshalabi / SysmonTools

  View on GitHub
  Utilities for Sysmon
  ☆1,569Sep 21, 2025Updated 4 months ago
• scsich / phagescan

  View on GitHub
  An open source virus scan aggregation framework.
  ☆25Apr 25, 2014Updated 11 years ago
• defensivedepth / Pertinax

  View on GitHub
  Integrating Sysinternals Autoruns’ logs into Security Onion
  ☆31Feb 20, 2024Updated last year
• muteb / Hoarder

  View on GitHub
  This script is made to collect the most valiable artifacts for foreniscs or incident reponse investigation rather than imaging the whole …
  ☆209Oct 19, 2020Updated 5 years ago
• Neo23x0 / atomic-threat-coverage

  View on GitHub
  Knowledge base of analytics designed to cover threats based on MITRE's ATT&CK.
  ☆23Dec 13, 2018Updated 7 years ago
• spcampbell / FireStic

  View on GitHub
  A Python script for indexing (putting) FireEye alert data into Elasticsearch...and notifying you too.
  ☆16Dec 11, 2018Updated 7 years ago
• aboutsecurity / Audit_Host-Baseline

  View on GitHub
  A set of Bash scripts that allows you to repeatably collect and compare baseline audit data from Linux and Windows systems
  ☆20Oct 19, 2013Updated 12 years ago
• koutto / vulners-lookup

  View on GitHub
  Perform vulnerabilities lookup on Vulners, the largest vulnerabilities & exploits database
  ☆17Dec 8, 2019Updated 6 years ago
• marcosd4h / sysmonx

  View on GitHub
  SysmonX - An Augmented Drop-In Replacement of Sysmon
  ☆216Sep 17, 2019Updated 6 years ago
• kgoins / ldsview

  View on GitHub
  ☆108Oct 14, 2021Updated 4 years ago
• mvelazc0 / PurpleSpray

  View on GitHub
  PurpleSpray is an adversary simulation tool that executes password spray behavior under different scenarios and conditions with the purpo…
  ☆51Aug 15, 2019Updated 6 years ago
• vysecurity / ATT-CK_Analysis

  View on GitHub
  Repository for my ATT&CK analysis research.
  ☆71May 16, 2019Updated 6 years ago
• kacos2000 / Win10LiveInfo

  View on GitHub
  Windows 10 Live Information viewer
  ☆37Jan 27, 2022Updated 4 years ago
• SecurityRiskAdvisors / RedTeamSIEM

  View on GitHub
  Repository of resources for configuring a Red Team SIEM using Elastic
  ☆101Jul 10, 2018Updated 7 years ago
• mattifestation / PSSysmonTools

  View on GitHub
  Sysmon Tools for PowerShell
  ☆232Aug 17, 2018Updated 7 years ago
• endgameinc / SANS_THIR16

  View on GitHub
  SANS Hunting on the Cheap
  ☆36Apr 12, 2016Updated 9 years ago
• cbecks2 / edr-artifacts

  View on GitHub
  This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.
  ☆92Aug 30, 2024Updated last year
• mvelazc0 / Oriana

  View on GitHub
  Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The…
  ☆177Jun 10, 2021Updated 4 years ago
• defensivedepth / Sysmon_OSSEC

  View on GitHub
  OSSEC Decoder & Rulesets for Sysmon Events
  ☆15Jul 23, 2015Updated 10 years ago
• sroberts / cacador

  View on GitHub
  Indicator Extractor
  ☆141Jul 14, 2018Updated 7 years ago
• mandiant / stringsifter

  View on GitHub
  A machine learning tool that ranks strings based on their relevance for malware analysis.
  ☆750Jan 22, 2026Updated 3 weeks ago
• RESOLVN / RTHVM

  View on GitHub
  Resolvn Threat Hunting Virtual Machine
  ☆139Aug 16, 2019Updated 6 years ago
• MatthewClarkMay / fTriage

  View on GitHub
  Automating forensic data extraction, reduction, and overall triage of cold disk and memory images.
  ☆21Mar 12, 2019Updated 6 years ago
• DBHeise / CyberSaucier

  View on GitHub
  Putting the Sauce in CyberChef - making CyberChef automatable
  ☆19Jul 22, 2025Updated 6 months ago
• 7h3rAm / pcapedit

  View on GitHub
  An Interactive Pcap Editor (based on Scapy)
  ☆23Oct 11, 2020Updated 5 years ago
• karttoon / iocs

  View on GitHub
  IoC's, PCRE's, YARA's etc
  ☆24Mar 25, 2025Updated 10 months ago