NextronSystems / ransomware-simulator

Related projects: ⓘ

• wagga40 / Zircolite
  A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
  ☆658Updated last month
• mdecrevoisier / EVTX-to-MITRE-Attack
  Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.
  ☆497Updated 2 weeks ago
• op7ic / EDR-Testing-Script
  Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-Cradle…
  ☆287Updated 2 years ago
• executemalware / Malware-IOCs
  ☆503Updated last month
• drb-ra / C2IntelFeeds
  Automatically created C2 Feeds
  ☆509Updated this week
• naksyn / Pyramid
  a tool to help operate in EDRs' blind spots
  ☆639Updated 5 months ago
• 3CORESec / MAL-CL
  MAL-CL (Malicious Command-Line)
  ☆308Updated last year
• mdecrevoisier / SIGMA-detection-rules
  Set of SIGMA rules (>320) mapped to MITRE ATT&CK tactic and techniques
  ☆300Updated 3 months ago
• mthcht / ThreatHunting-Keywords
  Awesome list of keywords and artifacts for Threat Hunting sessions
  ☆436Updated 2 weeks ago
• chronicle / GCTI
  ☆521Updated 9 months ago
• stuhli / awesome-event-ids
  Collection of Event ID ressources useful for Digital Forensics and Incident Response
  ☆578Updated 3 months ago
• scythe-io / community-threats
  ☆632Updated this week
• AndrewRathbun / DFIRMindMaps
  A repository of DFIR-related Mind Maps geared towards the visual learners!
  ☆508Updated 2 years ago
• JoelGMSec / PSRansom
  PowerShell Ransomware Simulator with C2 Server
  ☆456Updated 8 months ago
• vectra-ai-research / MAAD-AF
  MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).
  ☆350Updated last week
• mvelazc0 / PurpleSharp
  PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monit…
  ☆767Updated last year
• idnahacks / GoodHound
  Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.
  ☆444Updated 2 months ago
• ScarredMonk / SysmonSimulator
  Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detection…
  ☆830Updated 2 years ago
• volexity / threat-intel
  Signatures and IoCs from public Volexity blog posts.
  ☆307Updated last month
• sbousseaden / Slides
  Misc Threat Hunting Resources
  ☆368Updated last year
• layer8secure / SilentHound
  Quietly enumerate an Active Directory Domain via LDAP parsing users, admins, groups, etc.
  ☆475Updated last year
• k1nd0ne / VolWeb
  A centralized and enhanced memory analysis platform
  ☆355Updated last week
• The-DFIR-Report / Sigma-Rules
  Rules generated from our investigations.
  ☆186Updated last month
• punk-security / smbeagle
  SMBeagle - Fileshare auditing tool.
  ☆690Updated last year
• lucky-luk3 / Grafiki
  Threat Hunting tool about Sysmon and graphs
  ☆328Updated last year
• scythe-io / purple-team-exercise-framework
  Purple Team Exercise Framework
  ☆584Updated 8 months ago
• redcanaryco / invoke-atomicredteam
  Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder](https://github.com/redcanaryco/atomic-red…
  ☆818Updated last month
• WithSecureLabs / LinuxCatScale
  Incident Response collection and processing scripts with automated reporting scripts
  ☆258Updated 2 months ago
• zeronetworks / BloodHound-Tools
  Collection of tools that reflect the network dimension into Bloodhound's data
  ☆436Updated last year
• evild3ad / MemProcFS-Analyzer
  MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR
  ☆485Updated this week