Data visualization for blue teams
☆126Jan 20, 2023Updated 3 years ago
Alternatives and similar repositories for detectree
Users that are interested in detectree are comparing it to the libraries listed below
Sorting:
- Analyzing AD domains for security risks related to user accounts☆64Nov 11, 2022Updated 3 years ago
- Evtx Log (xml) Browser☆56Mar 12, 2023Updated 3 years ago
- A python script developed to process Windows memory images based on triage type.☆266Nov 25, 2023Updated 2 years ago
- Incident response teams usually working on the offline data, collecting the evidence, then analyze the data☆46Jan 2, 2022Updated 4 years ago
- ☆20May 30, 2025Updated 9 months ago
- Blueteam operational triage registry hunting/forensic tool.☆149Sep 2, 2025Updated 6 months ago
- A repository of Sysmon For Linux configuration modules☆16Oct 14, 2021Updated 4 years ago
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆791Mar 14, 2026Updated last week
- Further investigation in to APT campaigns disclosed by private security firms and security agencies☆86Jun 4, 2022Updated 3 years ago
- Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detection…☆864Jan 20, 2022Updated 4 years ago
- A wireshark plugin to instrument ETW☆580Jan 28, 2022Updated 4 years ago
- ☆43Oct 11, 2023Updated 2 years ago
- Sysmon EDR POC Build within Powershell to prove ability.☆223May 1, 2021Updated 4 years ago
- FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is de…☆818Mar 6, 2026Updated 2 weeks ago
- Rapidly Search and Hunt through Windows Forensic Artefacts☆3,476Mar 2, 2026Updated 2 weeks ago
- A collection of Script for Red Team & Incidence Response☆11Jun 30, 2022Updated 3 years ago
- Tool to start processes as SYSTEM using token duplication☆37Oct 27, 2020Updated 5 years ago
- ☆225Sep 8, 2022Updated 3 years ago
- Threat Hunting tool about Sysmon and graphs☆337May 28, 2023Updated 2 years ago
- JSON schemas for validating CACAO Security Playbooks. Note: In December 2023, Cyentific AS offered and transferred the content of this re…☆19Dec 15, 2023Updated 2 years ago
- Microsoft Threat Intelligence Security Tools☆1,954Mar 6, 2026Updated 2 weeks ago
- Cmdlets for capturing Windows Events☆14Mar 11, 2022Updated 4 years ago
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition☆66Aug 10, 2022Updated 3 years ago
- Open source training materials for law-enforcement and organisations interested in DFIR.☆63May 30, 2025Updated 9 months ago
- Transform Linux Audit logs for SIEM usage☆821Mar 5, 2026Updated 2 weeks ago
- Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of par…☆254Nov 18, 2024Updated last year
- Stats about HTTP response security headers usage mentioned by the OSHP.☆17Jan 25, 2026Updated last month
- Windows Events Attack Samples☆2,526Jan 24, 2023Updated 3 years ago
- Hundred Days of Yara Challenge☆12Jun 21, 2022Updated 3 years ago
- Collection of Event ID ressources useful for Digital Forensics and Incident Response☆644Jun 19, 2024Updated last year
- A utility to safely generate malicious network traffic patterns and evaluate controls.☆1,360Apr 4, 2024Updated last year
- ADXFlowmaster helps SecOps teams Threat Hunt suspicious network traffic inside & outside of Azure.☆39Oct 30, 2024Updated last year
- Collaborative Incident Response platform☆1,444Feb 16, 2026Updated last month
- WptsExtensions.dll for exploiting DLL hijacking of the task scheduler.☆56Jun 30, 2021Updated 4 years ago
- RPC Monitor tool based on Event Tracing for Windows☆388Aug 19, 2024Updated last year
- ☆215Dec 2, 2025Updated 3 months ago
- ☆35Oct 20, 2024Updated last year
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆209Jul 21, 2022Updated 3 years ago
- This project aims to compare and evaluate the telemetry of various EDR products.☆1,931Jan 20, 2026Updated 2 months ago