NextronSystems / ransomware-simulator
Ransomware simulator written in Golang
☆401 · Updated 2 years ago
Related projects:
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs ☆658 · Updated last month
- Set of EVTX samples (>270) mapped to MITRE ATT&CK tactics and techniques to measure your SIEM coverage or develop new use cases ☆497 · Updated 2 weeks ago
- Test the accuracy of Endpoint Detection and Response (EDR) software with a simple script which executes various ATT&CK/LOLBAS/Invoke-Cradle… ☆287 · Updated 2 years ago
- Automatically created C2 feeds ☆509 · Updated this week
- A tool to help operate in EDRs' blind spots ☆639 · Updated 5 months ago
- MAL-CL (Malicious Command-Line) ☆308 · Updated last year
- Set of SIGMA rules (>320) mapped to MITRE ATT&CK tactics and techniques ☆300 · Updated 3 months ago
- Awesome list of keywords and artifacts for threat hunting sessions ☆436 · Updated 2 weeks ago
- Collection of Event ID resources useful for Digital Forensics and Incident Response ☆578 · Updated 3 months ago
- A repository of DFIR-related mind maps geared towards visual learners ☆508 · Updated 2 years ago
- PowerShell Ransomware Simulator with C2 Server ☆456 · Updated 8 months ago
- MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD) ☆350 · Updated last week
- PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monit… ☆767 · Updated last year
- Uses SharpHound, BloodHound and Neo4j to produce an actionable list of attack paths for targeted remediation ☆444 · Updated 2 months ago
- Sysmon event simulation utility which can be used to simulate attacks to generate Sysmon event logs for testing EDR detection… ☆830 · Updated 2 years ago
- Signatures and IoCs from public Volexity blog posts ☆307 · Updated last month
- Misc threat hunting resources ☆368 · Updated last year
- Quietly enumerate an Active Directory domain via LDAP, parsing users, admins, groups, etc. ☆475 · Updated last year
- A centralized and enhanced memory analysis platform ☆355 · Updated last week
- Rules generated from our investigations ☆186 · Updated last month
- SMBeagle - Fileshare auditing tool ☆690 · Updated last year
- Threat hunting tool about Sysmon and graphs ☆328 · Updated last year
- Purple Team Exercise Framework ☆584 · Updated 8 months ago
- Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder](https://github.com/redcanaryco/atomic-red… ☆818 · Updated last month
- Incident response collection and processing scripts with automated reporting ☆258 · Updated 2 months ago
- Collection of tools that reflect the network dimension into BloodHound's data ☆436 · Updated last year
- MemProcFS-Analyzer - Automated forensic analysis of Windows memory dumps for DFIR ☆485 · Updated this week