Repository of resources for configuring a Red Team SIEM using Elastic
☆101 · Jul 10, 2018 · Updated 7 years ago
Alternatives and similar repositories for RedTeamSIEM
Users that are interested in RedTeamSIEM are comparing it to the libraries listed below
- Convert Empire profiles to Apache mod_rewrite scripts (☆29 · Sep 17, 2019 · Updated 6 years ago)
- Serving files with conditions, serverside keying and more. (☆18 · May 26, 2022 · Updated 3 years ago)
- Easily serve HTTP and DNS keys for proper payload protection (☆59 · Nov 10, 2018 · Updated 7 years ago)
- DNS logging, detection, ... (☆15 · Mar 5, 2022 · Updated 3 years ago)
- 🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools. (☆269 · Mar 17, 2023 · Updated 2 years ago)
- Convert domain lists to resolved IPs without duplicates, useful for strong large recon, and Bug Bounty (☆13 · Apr 30, 2021 · Updated 4 years ago)
- Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term o… (☆2,624 · Dec 13, 2025 · Updated 2 months ago)
- Splunk Dashboard for CobaltStrike logs (☆90 · Mar 16, 2021 · Updated 4 years ago)
- CCDC Red Team PWNboard (☆77 · Mar 29, 2018 · Updated 7 years ago)
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies (☆34 · Sep 15, 2022 · Updated 3 years ago)
- C# Implementation of Get-VaultCredential (☆14 · Jul 31, 2018 · Updated 7 years ago)
- Burp extension to find and decode BigIP and Netscaler cookies (☆15 · Jul 20, 2018 · Updated 7 years ago)
- Aggressor Scripts for Cobalt Strike (☆76 · Mar 9, 2024 · Updated last year)
- Automate creating resilient, disposable, secure and agile infrastructure for Red Teams (☆385 · Mar 5, 2020 · Updated 5 years ago)
- Auto-generate an HTaccess for payload delivery -- automatically pulls ips/nets/etc from known sandbox companies/sources that have been se… (☆170 · Aug 10, 2020 · Updated 5 years ago)
- SIEGMA - Transform Sigma rules into SIEM consumables (☆159 · Mar 10, 2025 · Updated 11 months ago)
- Scripts and results for finding domain frontable CloudFront domains (☆54 · Feb 23, 2018 · Updated 8 years ago)
- Disposable and resilient red team infrastructure with Terraform (☆278 · Feb 1, 2019 · Updated 7 years ago)
- Search for potential frontable domains (☆644 · Mar 22, 2023 · Updated 2 years ago)
- One-off scripts (☆52 · Sep 4, 2017 · Updated 8 years ago)
- Investigate suspicious activity by visualizing Sysmon's event log (☆431 · Dec 22, 2023 · Updated 2 years ago)
- One line PS scripts that may come in handy during your network assessment (☆80 · Mar 8, 2020 · Updated 5 years ago)
- Log Entry to Sigma Rule Converter (☆107 · Mar 3, 2022 · Updated 4 years ago)
- (PoC) Tiny Excel BIFF8 Generator, to embed 4.0 Macros in xls files without Excel. (☆44 · Aug 1, 2021 · Updated 4 years ago)
- This module helps you get started with basic Zigbee analysis, and later on performing additional attacks on the Zigbee protocol. (☆12 · Nov 23, 2016 · Updated 9 years ago)
- A datasource assessment on an event level to show potential coverage of the MITRE ATT&CK framework (☆355 · Nov 3, 2020 · Updated 5 years ago)
- Powershell Threat Hunting Module (☆290 · Sep 21, 2016 · Updated 9 years ago)
- Managed code hooking template. (☆134 · Nov 19, 2021 · Updated 4 years ago)
- Sheepl : Creating realistic user behaviour for supporting tradecraft development within lab environments (☆401 · Feb 27, 2024 · Updated 2 years ago)
- DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk. (☆573 · Dec 12, 2021 · Updated 4 years ago)
- Penetration Testing Methodology - short notes (☆11 · May 30, 2015 · Updated 10 years ago)
- Sandbox feature upgrade with the help of wrapped samples (☆76 · Jun 23, 2018 · Updated 7 years ago)
- An information security preparedness tool to do adversarial simulation. (☆1,139 · Apr 1, 2019 · Updated 6 years ago)