ahmedkhlief / APT-HunterLinks
APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity
☆1,381Updated 11 months ago
Alternatives and similar repositories for APT-Hunter
Users that are interested in APT-Hunter are comparing it to the libraries listed below
Sorting:
- Open Source EDR for Windows☆1,277Updated 2 years ago
- Defences against Cobalt Strike☆1,290Updated 3 years ago
- Automatically created C2 Feeds☆648Updated this week
- Elastic Security detection content for Endpoint☆1,306Updated last week
- Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder](https://github.com/redcanaryco/atomic-red…☆963Updated last month
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆749Updated 6 months ago
- Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detection…☆856Updated 3 years ago
- ☆553Updated last year
- Windows Events Attack Samples☆2,433Updated 2 years ago
- An Active Defense and EDR software to empower Blue Teams☆1,305Updated 2 years ago
- ☆1,111Updated last year
- This project aims to compare and evaluate the telemetry of various EDR products.☆1,842Updated last week
- WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ)☆780Updated 2 years ago
- Utilities for Sysmon☆1,551Updated last month
- Sophos-originated indicators-of-compromise from published reports☆632Updated 2 months ago
- ☆513Updated last year
- Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.☆592Updated 9 months ago
- Ransomware simulator written in Golang☆451Updated 3 years ago
- A collection of red team and adversary emulation resources developed and released by MITRE.☆521Updated 4 years ago
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders☆946Updated 2 years ago
- RegRipper3.0☆648Updated 10 months ago
- Scan files or process memory for CobaltStrike beacons and parse their configuration☆917Updated 4 years ago
- Investigate malicious Windows logon by visualizing and analyzing Windows event log☆3,002Updated this week
- Interesting APT Report Collection And Some Special IOCs☆2,684Updated last week
- Detect Tactics, Techniques & Combat Threats☆2,211Updated last week
- Guidance for mitigation web shells. #nsacyber☆982Updated 2 years ago
- VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities a…☆1,518Updated 3 weeks ago
- A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the …☆1,762Updated 11 months ago
- Utilities for MITRE™ ATT&CK☆1,041Updated last month
- Indicators of compromise (IOCs) collected from public resources and categorized by Qi-AnXin.☆951Updated last month