Data visualization for blue teams
☆127Jan 20, 2023Updated 3 years ago
Alternatives and similar repositories for detectree
Users that are interested in detectree are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Analyzing AD domains for security risks related to user accounts☆64Nov 11, 2022Updated 3 years ago
- Evtx Log (xml) Browser☆59Mar 12, 2023Updated 3 years ago
- A python script developed to process Windows memory images based on triage type.☆266Nov 25, 2023Updated 2 years ago
- ☆20May 30, 2025Updated 11 months ago
- Incident response teams usually working on the offline data, collecting the evidence, then analyze the data☆48Jan 2, 2022Updated 4 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- Blueteam operational triage registry hunting/forensic tool.☆148Sep 2, 2025Updated 8 months ago
- A repository of Sysmon For Linux configuration modules☆16Oct 14, 2021Updated 4 years ago
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆812May 15, 2026Updated last week
- Further investigation in to APT campaigns disclosed by private security firms and security agencies☆86Jun 4, 2022Updated 3 years ago
- Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detection…☆866Jan 20, 2022Updated 4 years ago
- A wireshark plugin to instrument ETW☆586Jan 28, 2022Updated 4 years ago
- ☆43Oct 11, 2023Updated 2 years ago
- Sysmon EDR POC Build within Powershell to prove ability.☆226May 1, 2021Updated 5 years ago
- FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is de…☆822Apr 18, 2026Updated last month
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Rapidly Search and Hunt through Windows Forensic Artefacts☆3,548May 9, 2026Updated last week
- A collection of Script for Red Team & Incidence Response☆11Jun 30, 2022Updated 3 years ago
- Tool to start processes as SYSTEM using token duplication☆37Oct 27, 2020Updated 5 years ago
- ☆225Sep 8, 2022Updated 3 years ago
- Threat Hunting tool about Sysmon and graphs☆339May 28, 2023Updated 2 years ago
- JSON schemas for validating CACAO Security Playbooks. Note: In December 2023, Cyentific AS offered and transferred the content of this re…☆19Dec 15, 2023Updated 2 years ago
- Microsoft Threat Intelligence Security Tools☆1,968May 11, 2026Updated last week
- Cmdlets for capturing Windows Events☆14Mar 11, 2022Updated 4 years ago
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition☆66Aug 10, 2022Updated 3 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Open source training materials for law-enforcement and organisations interested in DFIR.☆63May 30, 2025Updated 11 months ago
- Transform Linux Audit logs for SIEM usage☆828May 15, 2026Updated last week
- Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of par…☆254Nov 18, 2024Updated last year
- Hundred Days of Yara Challenge☆12Jun 21, 2022Updated 3 years ago
- Windows Events Attack Samples☆2,560Jan 24, 2023Updated 3 years ago
- Collection of Event ID ressources useful for Digital Forensics and Incident Response☆652Jun 19, 2024Updated last year
- A utility to safely generate malicious network traffic patterns and evaluate controls.☆1,363Apr 4, 2024Updated 2 years ago
- ADXFlowmaster helps SecOps teams Threat Hunt suspicious network traffic inside & outside of Azure.☆39Oct 30, 2024Updated last year
- Collaborative Incident Response platform☆1,491Apr 28, 2026Updated 3 weeks ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- WptsExtensions.dll for exploiting DLL hijacking of the task scheduler.☆56Jun 30, 2021Updated 4 years ago
- ☆218May 11, 2026Updated last week
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆209Jul 21, 2022Updated 3 years ago
- ☆35Oct 20, 2024Updated last year
- RPC Monitor tool based on Event Tracing for Windows☆394Aug 19, 2024Updated last year
- This project aims to compare and evaluate the telemetry of various EDR products.☆1,951May 14, 2026Updated last week
- Re-play Security Events☆1,753Mar 20, 2024Updated 2 years ago