Resolvn Threat Hunting Virtual Machine
☆139Aug 16, 2019Updated 6 years ago
Alternatives and similar repositories for RTHVM
Users that are interested in RTHVM are comparing it to the libraries listed below
Sorting:
- An ELK environment containing interesting security datasets.☆136May 11, 2020Updated 5 years ago
- A proof-of-concept tool that attempts to retrieve the configuration from the memory dump of an F-Secure C3 Relay executable.☆17Jul 2, 2021Updated 4 years ago
- PurpleSpray is an adversary simulation tool that executes password spray behavior under different scenarios and conditions with the purpo…☆51Aug 15, 2019Updated 6 years ago
- Petaq - Purple Team Command & Control Server☆105Dec 8, 2022Updated 3 years ago
- Virtual Machine for Adversary Emulation and Threat Hunting☆1,314Jan 22, 2025Updated last year
- DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.☆573Dec 12, 2021Updated 4 years ago
- Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs☆730Jan 21, 2020Updated 6 years ago
- A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework☆356Nov 3, 2020Updated 5 years ago
- Zeek package to generate a SMB client fingerprint☆27May 5, 2020Updated 5 years ago
- Test Blue Team detections without running any attack.☆272May 2, 2024Updated last year
- PowerShell No Agent Hunting☆111Apr 23, 2018Updated 7 years ago
- ☆19Oct 23, 2020Updated 5 years ago
- Winterfell is a group of windows batch scripts to collect Windows forensics data and perform efficient, and fast incident response and th…☆52Jul 23, 2020Updated 5 years ago
- Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK☆1,080Nov 28, 2024Updated last year
- Microsoft Flow Attack Framework☆23Nov 14, 2019Updated 6 years ago
- Toolset for research malware and Cobalt Strike beacons☆211Mar 11, 2025Updated last year
- This script is made to collect the most valiable artifacts for foreniscs or incident reponse investigation rather than imaging the whole …☆210Oct 19, 2020Updated 5 years ago
- An Active Defense and EDR software to empower Blue Teams☆1,315Aug 10, 2023Updated 2 years ago
- Misc Threat Hunting Resources☆377Jan 26, 2023Updated 3 years ago
- Sysmon EDR POC Build within Powershell to prove ability.☆223May 1, 2021Updated 4 years ago
- Detect Tactics, Techniques & Combat Threats☆2,268Jan 21, 2026Updated 2 months ago
- Sandbox feature upgrade with the help of wrapped samples☆76Jun 23, 2018Updated 7 years ago
- Scripts targeting specific families☆13Jul 3, 2017Updated 8 years ago
- Re-play Security Events☆1,728Mar 20, 2024Updated 2 years ago
- Powershell Threat Hunting Module☆290Sep 21, 2016Updated 9 years ago
- Expert Investigation Guides☆51Mar 18, 2021Updated 5 years ago
- Mitre Att&ck Technique Emulation☆82Mar 6, 2019Updated 7 years ago
- ☆349Mar 19, 2021Updated 5 years ago
- This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project.☆35Jul 8, 2019Updated 6 years ago
- TrustedSec Sysinternals Sysmon Community Guide☆1,384Feb 10, 2026Updated last month
- Emulates the Sysinternals Autoruns tool, but for DFIR purposes e.g. multi user processing☆55May 18, 2019Updated 6 years ago
- Windows Events Attack Samples☆2,526Jan 24, 2023Updated 3 years ago
- Public Repo for Atomic Test Harness☆284Apr 8, 2025Updated 11 months ago
- Threat Box Assessment Tool☆19Mar 5, 2026Updated 2 weeks ago
- All-in-one bundle of MISP, TheHive and Cortex☆170Sep 27, 2022Updated 3 years ago
- ☆12Mar 24, 2018Updated 7 years ago
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆209Jul 21, 2022Updated 3 years ago
- Threat Hunting tool about Sysmon and graphs☆337May 28, 2023Updated 2 years ago
- A toolset to make a system look as if it was the victim of an APT attack☆2,722Sep 23, 2025Updated 5 months ago