Alternatives and similar repositories for Expert-Rules

Users that are interested in Expert-Rules are comparing it to the libraries listed below

• mitre / emu

  View on GitHub
  This CALDERA Plugin converts Adversary Emulation Plans from the Center for Threat Informed Defense
  ☆34Oct 7, 2025Updated 4 months ago
• marksowell / Kali-Linux-to-DigitalOcean

  View on GitHub
  A GitHub Action to convert the Kali Linux Generic Cloud Image and upload it to Custom Images in DigitalOcean.
  ☆13Apr 26, 2025Updated 9 months ago
• maartengoet / meetup

  View on GitHub
  Dutch Microsoft & Security Meetup
  ☆14Dec 11, 2023Updated 2 years ago
• trellix-enterprise / RTS-Queries

  View on GitHub
  Practical Orientation Of MVISION EDR Query Language
  ☆34Feb 10, 2023Updated 3 years ago
• InternetHealthReport / ip2asn

  View on GitHub
  Longitudinal IP to ASN mapping
  ☆13Aug 23, 2025Updated 5 months ago
• NeosIT / generic-exchange-transport-agent

  View on GitHub
  ☆14Feb 7, 2019Updated 7 years ago
• hasherezade / libpeconv_and_detours_tpl

  View on GitHub
  A template for projects using both libPeConv and MS Detours
  ☆16Oct 5, 2025Updated 4 months ago
• bufferbandit / silent_cleanup_uac_bypass

  View on GitHub
  Silent Cleanup UAC Bypass POC
  ☆11Dec 15, 2019Updated 6 years ago
• SoulSec / Resource-Threat-Intelligence

  View on GitHub
  Repository resource threat intelligence for SOC
  ☆10Sep 14, 2018Updated 7 years ago
• robertdavidgraham / robutils

  View on GitHub
  A bunch of library code that can easily be included in new/prototype projects with few (usually zero) dependencies, even on themselves.
  ☆12Jul 26, 2020Updated 5 years ago
• therealdreg / pdbdump_bochs

  View on GitHub
  Dump PDB Symbols including support for Bochs Debugging Format (with wine support)
  ☆14Aug 11, 2023Updated 2 years ago
• eshlomo1 / Ransomware-NOTE

  View on GitHub
  All about ransomware notes and extension files.
  ☆14Aug 26, 2023Updated 2 years ago
• kost / webshell-portlet

  View on GitHub
  Web shell as Portlet (useful for Websphere Portal, JBoss Portal, etc.)
  ☆12Aug 27, 2016Updated 9 years ago
• Maff1t / InjectionTracer

  View on GitHub
  PINTool to help analyzing malware that uses process injection
  ☆15Jan 3, 2022Updated 4 years ago
• MantisSTS / JSReconduit

  View on GitHub
  Passive JavaScript reconnaissance for penetration testers — bridging Burp Suite traffic into structured, AST-based analysis in VSCode.
  ☆35Feb 5, 2026Updated last week
• ColdHeat / UnitedStates

  View on GitHub
  A United States map CTFd theme
  ☆12Aug 28, 2017Updated 8 years ago
• connormcgarr / Shellcode

  View on GitHub
  Various shellcodes
  ☆13Sep 1, 2020Updated 5 years ago
• filescanio / fsio-cli

  View on GitHub
  Python CLI covering the FileScan.IO API - enabling automatic interaction with www.filescan.io or private instances
  ☆14Jul 15, 2025Updated 7 months ago
• nov3mb3r / dfir

  View on GitHub
  Collection of popular DFIR tools in a lightweight and fast docker image
  ☆11Nov 17, 2019Updated 6 years ago
• fpiette / Delphi-ImpersonateUser

  View on GitHub
  Code to make a Delphi program act as another user. Demo provide to access a file owned by another user.
  ☆11Feb 8, 2022Updated 4 years ago
• lexesv / govcl-1

  View on GitHub
  A cross-platform Golang GUI library. Use Delphi VCL and Lazarus LCL for binding.
  ☆10Jan 22, 2019Updated 7 years ago
• renorobert / core2elf

  View on GitHub
  ☆13Aug 28, 2018Updated 7 years ago
• 0xsp-SRD / PAS-mini-c2c-

  View on GitHub
  ☆12Oct 9, 2022Updated 3 years ago
• kofrasa / flask-activerecord

  View on GitHub
  ActiveRecord patch for Flask-SQLAlchemy models
  ☆15Apr 10, 2018Updated 7 years ago
• icy / genvsub

  View on GitHub
  Another way to substitute environment variables in shell format strings ${FOO}, designed for k8s stuff
  ☆13Mar 20, 2023Updated 2 years ago
• Jaza / flask-s3-save-example

  View on GitHub
  An example Flask app that uses s3-saver, url-for-s3, flask-thumbnails-s3, and flask-admin-s3-upload to store and retrieve files on Amazon…
  ☆10Aug 28, 2015Updated 10 years ago
• shubham0d / SymBlock

  View on GitHub
  A windows kernel driver to Block symbolic link exploit used for privilege escalation.
  ☆15Jul 30, 2020Updated 5 years ago
• netscaler / citrix-adc-azure-templates

  View on GitHub
  Part of NetScaler Automation Toolkit
  ☆16Nov 15, 2024Updated last year
• DeanCefola / Azure-Blueprints

  View on GitHub
  Blueprints repo, new samples, ARM Templates for Blueprints, exported/importable Blueprints
  ☆10Jan 9, 2025Updated last year
• timothywarner / azblueprints

  View on GitHub
  ☆12Sep 1, 2020Updated 5 years ago
• KasperskyLab / Articles

  View on GitHub
  ☆17Sep 15, 2017Updated 8 years ago
• Starke427 / Windows-Security-Policy

  View on GitHub
  Specific guidance and configuration scripts based on Microsoft-recommended security configuration baselines for Windows.
  ☆14Aug 22, 2020Updated 5 years ago
• ch33r10 / DEFCON29-BTV-ThreatReportRoulette

  View on GitHub
  Learn how to get more out of publicly available threat reports to help improve the security posture of your organization! TLP: White Thre…
  ☆15Jun 5, 2023Updated 2 years ago
• nimrodpar / Crawl-Labeled-PE

  View on GitHub
  Crawl (~600K) labeled Portable Exe files from Microsoft Cabs
  ☆14Jul 31, 2021Updated 4 years ago
• JonathanERC / PCNameByUser-SCCM

  View on GitHub
  Powershell script to get all user devices registered in SCCM.
  ☆15Jul 23, 2021Updated 4 years ago
• themeldingwars / Be.HexEditor

  View on GitHub
  A modified fork of Be.HexEditor for use in debug tools
  ☆14Jan 5, 2022Updated 4 years ago
• TheIRGurus / Playbooks

  View on GitHub
  Playbooks designed for IBM SOAR developed by The IR Gurus. These playbooks can be used to demonstrate how to design playbooks, perform au…
  ☆17May 1, 2024Updated last year
• meditechopen / meditech-thuctap

  View on GitHub
  ☆12Apr 24, 2019Updated 6 years ago
• sonadorje / openssl4delphi

  View on GitHub
  ☆12Nov 12, 2022Updated 3 years ago