Neo23x0 / god-mode-rules

Related projects ⓘ

Alternatives and complementary repositories for god-mode-rules

• CTI-Driven / LOLBins
  The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…
  ☆110Updated 7 months ago
• cgosec / Blauhaunt
  A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you com…
  ☆161Updated last week
• tsale / EDR-Telemetry-Website
  ☆70Updated this week
• reecdeep / segugio
  Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac…
  ☆140Updated 2 months ago
• lawndoc / Respotter
  Respotter is a Responder honeypot. Detect Responder in your environment as soon as it's spun up.
  ☆171Updated 2 months ago
• securityjoes / ForensicMiner
  A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.
  ☆148Updated 6 months ago
• HackingLZ / IndicatorOfCanary
  Canary Detection
  ☆161Updated 7 months ago
• BushidoUK / Ransomware-Vulnerability-Matrix
  A collection of CVEs weaponized by ransomware operators
  ☆74Updated this week
• Sam0x90 / CB-Threat-Hunting
  CarbonBlack EDR detection rules and response actions
  ☆71Updated 2 months ago
• Sam0x90 / CTI
  Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on
  ☆81Updated 6 months ago
• AirbusProtect / AD-Canaries
  The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C…
  ☆232Updated 11 months ago
• montysecurity / InfraHunter
  Actively hunt for attacker infrastructure by filtering Shodan results with URLScan data.
  ☆60Updated 4 months ago
• jischell-msft / RemoteManagementMonitoringTools
  Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations
  ☆79Updated 3 months ago
• BushidoUK / Breach-Report-Collection
  A collection of companies that disclose adversary TTPs after they have been breached
  ☆241Updated 6 months ago
• Cyb3r-Monk / ACCD
  Active C&C Detector
  ☆150Updated last year
• bartblaze / FARA
  Repository that contains a set of purposefully erroneous Yara rules.
  ☆48Updated 10 months ago
• iknowjason / AutomatedEmulation
  An automated Breach and Attack Simulation lab with terraform. Built for IaC stability, consistency, and speed.
  ☆168Updated 4 months ago
• 0xAnalyst / Project-Lost
  Living Off Security Tools
  ☆41Updated 3 weeks ago
• mf1d3l / Splunk4DFIR
  Harness the power of Splunk for your investigations
  ☆77Updated this week
• keydet89 / Events-Ripper
  Project based on RegRipper, to extract add'l value/pivot points from TLN events file
  ☆76Updated last week
• dahvidschloss / CRASH
  Completely Risky Active-Directory Simulation Hub
  ☆99Updated last year
• ine-labs / ThreatSeeker
  ThreatSeeker: Threat Hunting via Windows Event Logs
  ☆114Updated last year
• LivingInSyn / RMML
  A list of RMMs designed to be used in automation to build alerts
  ☆108Updated 3 weeks ago
• LOLAD-Project / LOLAD-Project.github.io
  https://lolad-project.github.io/
  ☆60Updated 2 weeks ago
• fboldewin / YARA_Detection_Engineering
  Detection Engineering with YARA
  ☆85Updated 10 months ago
• magicsword-io / LOLRMM
  LotL RMM
  ☆96Updated this week
• LOLESXi-Project / LOLESXi
  LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…
  ☆104Updated last month
• Abjuri5t / SarlackLab
  ☆26Updated this week
• tsale / Sigma_rules
  Sigma rules to share with the community
  ☆115Updated 2 months ago
• mthcht / Purpleteam
  Purpleteam scripts simulation & Detection - trigger events for SOC detections
  ☆158Updated last week