ahmedkhlief / APT-Hunter
APT-Hunter is a threat hunting tool for Windows event logs, built with a purple-team mindset, that detects APT movements hidden in the sea of Windows event logs and shortens the time needed to uncover suspicious activity.
☆1,338 · Updated 6 months ago
Alternatives and similar repositories for APT-Hunter
Users interested in APT-Hunter are comparing it to the repositories listed below.
- Defences against Cobalt Strike ☆1,284 · Updated 2 years ago
- Open Source EDR for Windows ☆1,248 · Updated 2 years ago
- Windows Events Attack Samples ☆2,365 · Updated 2 years ago
- Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder](https://github.com/redcanaryco/atomic-red… ☆909 · Updated last week
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs ☆716 · Updated last month
- An Active Defense and EDR software to empower Blue Teams ☆1,276 · Updated last year
- Automatically created C2 Feeds ☆614 · Updated this week
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders ☆906 · Updated last year
- Detect Tactics, Techniques & Combat Threats ☆2,161 · Updated this week
- Set of EVTX samples (>270) mapped to MITRE ATT&CK tactics and techniques, to measure your SIEM coverage or develop new use cases ☆575 · Updated 4 months ago
- VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities a… ☆1,476 · Updated 2 weeks ago
- Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detection… ☆851 · Updated 3 years ago
- Investigate malicious Windows logons by visualizing and analyzing Windows event logs ☆2,891 · Updated 11 months ago
- WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ) ☆783 · Updated 2 years ago
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts ☆1,156 · Updated last year
- A toolset to make a system look as if it was the victim of an APT attack ☆2,601 · Updated last year
- An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs. ☆1,905 · Updated this week
- Re-play Security Events ☆1,647 · Updated last year
- A set of Zeek scripts to detect ATT&CK techniques. ☆592 · Updated 11 months ago
- A collection of red team and adversary emulation resources developed and released by MITRE. ☆510 · Updated 4 years ago
- Utilities for MITRE™ ATT&CK ☆1,030 · Updated last year
- RegRipper3.0 ☆612 · Updated 5 months ago
- Utilities for Sysmon ☆1,524 · Updated 3 months ago
- PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monit… ☆807 · Updated 5 months ago
- Scan files or process memory for CobaltStrike beacons and parse their configuration ☆906 · Updated 3 years ago
- Bloodhound Reporting for Blue and Purple Teams ☆1,198 · Updated 3 months ago
- Analysis of malware and Cyber Threat Intel of APT and cybercriminal groups ☆707 · Updated 2 years ago