TactiKoolSec/MFT-Detect-Response external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

TactiKoolSec/MFT-Detect-Response

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/TactiKoolSec/MFT-Detect-Response)

Close

TactiKoolSec / MFT-Detect-ResponseView on GitHubMore

• External links
• Readme badge

Common framework for designing a detection and response framework for the most common MFT solutions

☆16Aug 4, 2023Updated 2 years ago

Alternatives and similar repositories for MFT-Detect-Response

Users that are interested in MFT-Detect-Response are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• GDATAAdvancedAnalytics / winreg-tasks

  View on GitHub
  ☆21Jul 4, 2022Updated 3 years ago
• MSAdministrator / msi-utils

  View on GitHub
  A python package that helps with analysis of MSI files
  ☆14Mar 28, 2021Updated 5 years ago
• susMdT / fictional-invention

  View on GitHub
  idk man this was the default github name
  ☆35Apr 23, 2023Updated 3 years ago
• g-les / macho_similarity

  View on GitHub
  Conceptual Methods for Finding Commonalities in Macho Files
  ☆13Mar 21, 2024Updated 2 years ago
• CWE-CAPEC / AI-Working-Group

  View on GitHub
  A document repository for the CWE AI Working Group, a forum for CWE™ and CVE® community stakeholders to identify and address gaps in the …
  ☆13Jun 29, 2025Updated 11 months ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• NexusFuzzy / AzoDecrypt

  View on GitHub
  Script which is able to decrypt data sent to AzoRult 3.3 Server
  ☆11Feb 5, 2021Updated 5 years ago
• mandiant / rpdebug_qnx

  View on GitHub
  ☆14Jun 1, 2023Updated 3 years ago
• naxonez / Scripts

  View on GitHub
  Random Scripts and Tools
  ☆14May 16, 2026Updated 3 weeks ago
• 0xjet / malsource

  View on GitHub
  The malsource dataset
  ☆12Aug 31, 2021Updated 4 years ago
• ring0x0 / emotet-configs

  View on GitHub
  emotet configs pulled from https://cape.contextis.com/
  ☆15Apr 27, 2022Updated 4 years ago
• center-for-threat-informed-defense / attack-sync

  View on GitHub
  ATT&CK Sync is a Center for Threat-Informed Defense project that aims to improve the ability for organizations to consume MITRE ATT&CK® v…
  ☆28May 19, 2026Updated 3 weeks ago
• center-for-threat-informed-defense / defending-ot-with-attack

  View on GitHub
  Defending OT with ATT&CK provides a customized threat collection tailored to the attack surface and threat model of operational technolog…
  ☆15May 28, 2025Updated last year
• Beercow / SEPparser

  View on GitHub
  Script for parsing Symantec Endpoint Protection logs, VBNs, and ccSubSDK database.
  ☆65Dec 21, 2022Updated 3 years ago
• Atomics-on-A-Friday / Emulation-Tools

  View on GitHub
  ☆32Mar 21, 2023Updated 3 years ago
• Bare Metal GPUs on DigitalOcean Gradient AI • Ad
  Purpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
• herbiezimmerman / Windows-Event-Logs-With-Event-IDs

  View on GitHub
  A running list of Windows sources and the related event ids.
  ☆19Aug 2, 2023Updated 2 years ago
• keydet89 / Events-Ripper

  View on GitHub
  Project based on RegRipper, to extract add'l value/pivot points from TLN events file
  ☆89Feb 9, 2025Updated last year
• petikvx / malwares-analysis-tools

  View on GitHub
  ☆19Jul 29, 2022Updated 3 years ago
• aiforsec22 / IEEEEuroSP23

  View on GitHub
  ☆25Jul 12, 2023Updated 2 years ago
• dirkjanm / family-of-client-ids-research

  View on GitHub
  Research into Undocumented Behavior of Azure AD Refresh Tokens
  ☆13Oct 27, 2023Updated 2 years ago
• olafhartong / PockETWatcher

  View on GitHub
  a tiny program to consume from ETW providers for research
  ☆55Jan 4, 2025Updated last year
• forensicmatt / PyWindowsThingies

  View on GitHub
  Windows Thingies in Python for live use.
  ☆24Apr 22, 2019Updated 7 years ago
• nmantani / PS-TrustedDocuments

  View on GitHub
  PS-TrustedDocuments: PowerShell script to handle information on trusted documents for Microsoft Office
  ☆37Mar 15, 2023Updated 3 years ago
• Kudaes / Puzzle

  View on GitHub
  Set of PoC to abuse Windows minifilters functionality
  ☆84May 1, 2026Updated last month
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• timwhitez / Freeze-Common

  View on GitHub
  Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods
  ☆13Sep 30, 2022Updated 3 years ago
• Sq00ky / csharp-portscanner

  View on GitHub
  simple C# portscanner - written for playing around with Metasploit's Execute-Assembly
  ☆10Jul 1, 2023Updated 2 years ago
• lolfsaas / lolfsaas.github.io

  View on GitHub
  Living of the Land of Free SaaS
  ☆76Mar 22, 2026Updated 2 months ago
• VirtualAlllocEx / Taskschedule-Persistence-Download-Cradles

  View on GitHub
  Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged
  ☆89Jul 7, 2022Updated 3 years ago
• TactiKoolSec / SideLoadHunter

  View on GitHub
  ☆12May 2, 2022Updated 4 years ago
• n1ght-w0lf / pe-unmapper

  View on GitHub
  A small tool to unmap PE memory dumps.
  ☆11Nov 9, 2023Updated 2 years ago
• DarkObb / DeObfuscar-Static

  View on GitHub
  Static Obfuscar Deobfuscator
  ☆21Aug 31, 2019Updated 6 years ago
• DreyAnd / WhoDupMe

  View on GitHub
  ☆13Jun 12, 2023Updated 2 years ago
• msuhanov / regf-samples

  View on GitHub
  Windows registry samples
  ☆24Nov 18, 2018Updated 7 years ago
• Deploy open-source AI quickly and easily - Special Bonus Offer • Ad
  Runpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
• Permiso-io-tools / Inboxfuscation

  View on GitHub
  Inboxfuscation is an advanced offensive & defensive framework for mailbox rule obfuscation and detection in Exchange environments.
  ☆83Sep 11, 2025Updated 8 months ago
• 0xflux / Scil

  View on GitHub
  System Call Integrity Layer - experimental security research
  ☆27Apr 14, 2026Updated last month
• 0x4143 / adversaryemulation-gems

  View on GitHub
  A not so awesome list of adversary emulation gems for aspiring red/blue/purple teamers
  ☆16Jul 19, 2022Updated 3 years ago
• emdnaia / OdinLdr

  View on GitHub
  Cobaltstrike UDRL with memory evasion
  ☆15May 16, 2024Updated 2 years ago
• zha0 / DarkPulsar

  View on GitHub
  EQGRP: Replicating DarkPulsar, an DLL capable of hooking Security Package Method Tables on the Heap!
  ☆16Oct 11, 2020Updated 5 years ago
• Pascal-0x90 / sideloadr

  View on GitHub
  Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).
  ☆57Oct 10, 2022Updated 3 years ago
• NUSGreyhats / greyctf24-challs-public

  View on GitHub
  ☆15Jul 28, 2024Updated last year