Resolvn Threat Hunting Virtual Machine
☆139Aug 16, 2019Updated 6 years ago
Alternatives and similar repositories for RTHVM
Users that are interested in RTHVM are comparing it to the libraries listed below
Sorting:
- An ELK environment containing interesting security datasets.☆136May 11, 2020Updated 5 years ago
- Petaq - Purple Team Command & Control Server☆105Dec 8, 2022Updated 3 years ago
- A proof-of-concept tool that attempts to retrieve the configuration from the memory dump of an F-Secure C3 Relay executable.☆17Jul 2, 2021Updated 4 years ago
- DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.☆574Dec 12, 2021Updated 4 years ago
- Winterfell is a group of windows batch scripts to collect Windows forensics data and perform efficient, and fast incident response and th…☆52Jul 23, 2020Updated 5 years ago
- Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK☆1,078Nov 28, 2024Updated last year
- PurpleSpray is an adversary simulation tool that executes password spray behavior under different scenarios and conditions with the purpo…☆51Aug 15, 2019Updated 6 years ago
- Virtual Machine for Adversary Emulation and Threat Hunting☆1,314Jan 22, 2025Updated last year
- Test Blue Team detections without running any attack.☆271May 2, 2024Updated last year
- Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs☆730Jan 21, 2020Updated 6 years ago
- Sysmon EDR POC Build within Powershell to prove ability.☆223May 1, 2021Updated 4 years ago
- PowerShell No Agent Hunting☆111Apr 23, 2018Updated 7 years ago
- Emulates the Sysinternals Autoruns tool, but for DFIR purposes e.g. multi user processing☆55May 18, 2019Updated 6 years ago
- A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework☆355Nov 3, 2020Updated 5 years ago
- Toolset for research malware and Cobalt Strike beacons☆211Mar 11, 2025Updated 11 months ago
- Detect Tactics, Techniques & Combat Threats☆2,263Jan 21, 2026Updated last month
- This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project.☆35Jul 8, 2019Updated 6 years ago
- Expert Investigation Guides☆51Mar 18, 2021Updated 4 years ago
- Powershell Threat Hunting Module☆290Sep 21, 2016Updated 9 years ago
- Misc Threat Hunting Resources☆377Jan 26, 2023Updated 3 years ago
- Splunk code (SPL) for serious threat hunters and detection engineers.☆290Jan 15, 2024Updated 2 years ago
- Mitre Att&ck Technique Emulation☆82Mar 6, 2019Updated 6 years ago
- This script is made to collect the most valiable artifacts for foreniscs or incident reponse investigation rather than imaging the whole …☆209Oct 19, 2020Updated 5 years ago
- An Active Defense and EDR software to empower Blue Teams☆1,316Aug 10, 2023Updated 2 years ago
- Zeek package to generate a SMB client fingerprint☆27May 5, 2020Updated 5 years ago
- Tools for the Computer Incident Response Team☆150Apr 17, 2017Updated 8 years ago
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆208Jul 21, 2022Updated 3 years ago
- Sandbox feature upgrade with the help of wrapped samples☆76Jun 23, 2018Updated 7 years ago
- Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-Cradle…☆315Oct 21, 2021Updated 4 years ago
- ☆349Mar 19, 2021Updated 4 years ago
- Public Repo for Atomic Test Harness☆282Apr 8, 2025Updated 10 months ago
- TrustedSec Sysinternals Sysmon Community Guide☆1,370Feb 10, 2026Updated 2 weeks ago
- Tool Analysis Result Sheet☆356Dec 4, 2017Updated 8 years ago
- Automated, Collection, and Enrichment Platform☆324Nov 14, 2019Updated 6 years ago
- Windows Events Attack Samples☆2,515Jan 24, 2023Updated 3 years ago
- snake - a malware storage zoo☆217Jul 11, 2023Updated 2 years ago
- Silencing Sysmon via driver unload☆235Oct 13, 2022Updated 3 years ago
- Utilities for MITRE™ ATT&CK☆1,050Jan 3, 2026Updated last month
- PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monit…☆843Updated this week