Alternatives and similar repositories for god-mode-rules

Users that are interested in god-mode-rules are comparing it to the libraries listed below

• deadbits / yara-rules

  View on GitHub
  Collection of YARA signatures from individual research
  ☆45Nov 20, 2023Updated 2 years ago
• target / halogen

  View on GitHub
  Automatically create YARA rules from malicious documents.
  ☆212May 16, 2022Updated 3 years ago
• CD-R0M / YARA

  View on GitHub
  Hundred Days of Yara Challenge
  ☆12Jun 21, 2022Updated 3 years ago
• The-DFIR-Report / Suricata-Rules

  View on GitHub
  ☆11Jun 12, 2023Updated 2 years ago
• Yamato-Security / suzaku

  View on GitHub
  Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.
  ☆167Dec 7, 2025Updated 2 months ago
• ANSSI-FR / DFIR4vSphere

  View on GitHub
  Powershell module for VMWare vSphere forensics
  ☆158Nov 8, 2024Updated last year
• RussianPanda95 / Yara-Rules

  View on GitHub
  Repository of Yara Rules
  ☆139Jan 16, 2026Updated 3 weeks ago
• telekom-security / malware_analysis

  View on GitHub
  This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts.
  ☆119Dec 13, 2023Updated 2 years ago
• strozfriedberg / QELP

  View on GitHub
  Quick ESXi Log Parser
  ☆28Oct 20, 2025Updated 3 months ago
• Yamato-Security / EnableWindowsLogSettings

  View on GitHub
  Documentation and scripts to properly enable Windows event logs.
  ☆671Oct 3, 2025Updated 4 months ago
• AirbusProtect / AD-Canaries

  View on GitHub
  The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C…
  ☆258Nov 24, 2023Updated 2 years ago
• LETHAL-FORENSICS / Collect-MemoryDump

  View on GitHub
  Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR
  ☆252Oct 29, 2025Updated 3 months ago
• krdmnbrk / AttackRuleMap

  View on GitHub
  Mapping of open-source detection rules and atomic tests.
  ☆195Updated this week
• bgrundy / cheatsheets-forensic

  View on GitHub
  Forensic cheatsheets for use with cheat
  ☆15Dec 2, 2021Updated 4 years ago
• tsale / EDR-Telemetry

  View on GitHub
  This project aims to compare and evaluate the telemetry of various EDR products.
  ☆1,924Jan 20, 2026Updated 3 weeks ago
• magicsword-io / sigconverter.io

  View on GitHub
  An opensource sigma conversion tool built using pysigma
  ☆158Updated this week
• last-byte / PersistenceSniper

  View on GitHub
  Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows…
  ☆2,048Dec 11, 2024Updated last year
• 100DaysofYARA / 2023

  View on GitHub
  Rules Shared by the Community from 100 Days of YARA 2023
  ☆78Apr 12, 2023Updated 2 years ago
• MarkBaggett / ese-analyst

  View on GitHub
  This is a set of tools for doing forensics analysis on Microsoft ESE databases.
  ☆128Jan 31, 2022Updated 4 years ago
• mthcht / ThreatHunting-Keywords-yara-rules

  View on GitHub
  yara detection rules for hunting with the threathunting-keywords project
  ☆157May 11, 2025Updated 9 months ago
• FalconForceTeam / FalconHound

  View on GitHub
  FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is de…
  ☆817Feb 17, 2025Updated 11 months ago
• mthcht / ThreatHunting-Keywords

  View on GitHub
  Awesome list of keywords and artifacts for Threat Hunting sessions
  ☆633Aug 4, 2025Updated 6 months ago
• intezer / yara-rules

  View on GitHub
  ☆128Feb 2, 2025Updated last year
• mandiant / thiri-notebook

  View on GitHub
  The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…
  ☆154Apr 25, 2022Updated 3 years ago
• joshlemon / DFIR-Reference-Frameworks

  View on GitHub
  Repository of public reference frameworks for the DFIR community.
  ☆121Jul 4, 2023Updated 2 years ago
• magisterquis / lutlol

  View on GitHub
  Living Under the Land on Linux ~ Bsides Belfast/Vienna 2025
  ☆37Nov 22, 2025Updated 2 months ago
• knight0x07 / OneNoteAnalyzer

  View on GitHub
  A C# based tool for analysing malicious OneNote documents
  ☆118Apr 4, 2023Updated 2 years ago
• fboldewin / YARA-rules

  View on GitHub
  Some YARA rules i will add from time to time
  ☆66Mar 25, 2023Updated 2 years ago
• deepinstinct / Lsass-Shtinkering

  View on GitHub
  ☆385Jan 19, 2023Updated 3 years ago
• The-DFIR-Report / cyberchef-recipes

  View on GitHub
  ☆21May 8, 2022Updated 3 years ago
• embee-research / Yara-detection-rules

  View on GitHub
  Yara Rules for Modern Malware
  ☆78Mar 3, 2024Updated last year
• matthw / malware_analysis

  View on GitHub
  ☆18Mar 26, 2024Updated last year
• tclahr / uac

  View on GitHub
  UAC is a powerful and extensible incident response tool designed for forensic investigators, security analysts, and IT professionals. It …
  ☆1,238Feb 5, 2026Updated last week
• khyrenz / parseusbs

  View on GitHub
  Parses USB connection artifacts from offline Registry hives
  ☆107Updated this week
• Digital-Defense-Institute / triage.zip

  View on GitHub
  A preconfigured Velociraptor triage collector
  ☆74Jan 7, 2026Updated last month
• NextronSystems / sysmon-config

  View on GitHub
  Sysmon configuration file template with default high-quality event tracing
  ☆567Jan 21, 2026Updated 3 weeks ago
• cyb3rmik3 / MDE-DFIR-Resources

  View on GitHub
  A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as …
  ☆421Aug 10, 2025Updated 6 months ago
• WithSecureLabs / chainsaw

  View on GitHub
  Rapidly Search and Hunt through Windows Forensic Artefacts
  ☆3,440Oct 12, 2025Updated 4 months ago
• Sam0x90 / CB-Threat-Hunting

  View on GitHub
  CarbonBlack EDR detection rules and response actions
  ☆73Sep 10, 2024Updated last year