ahmedkhlief / APT-HunterLinks
APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity
☆1,358Updated 8 months ago
Alternatives and similar repositories for APT-Hunter
Users that are interested in APT-Hunter are comparing it to the libraries listed below
Sorting:
- Open Source EDR for Windows☆1,261Updated 2 years ago
- Defences against Cobalt Strike☆1,286Updated 3 years ago
- Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder](https://github.com/redcanaryco/atomic-red…☆938Updated 2 months ago
- An Active Defense and EDR software to empower Blue Teams☆1,282Updated last year
- Elastic Security detection content for Endpoint☆1,243Updated 2 weeks ago
- Windows Events Attack Samples☆2,400Updated 2 years ago
- Automatically created C2 Feeds☆631Updated this week
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆731Updated 3 months ago
- ☆547Updated last year
- Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detection…☆852Updated 3 years ago
- ☆1,081Updated last year
- Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.☆584Updated 6 months ago
- Sophos-originated indicators-of-compromise from published reports☆608Updated this week
- ☆513Updated 9 months ago
- WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ)☆782Updated 2 years ago
- This project aims to compare and evaluate the telemetry of various EDR products.☆1,817Updated last month
- Indicators of compromise (IOCs) collected from public resources and categorized by Qi-AnXin.☆942Updated 4 months ago
- Utilities for Sysmon☆1,533Updated 5 months ago
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders☆930Updated last year
- Scan files or process memory for CobaltStrike beacons and parse their configuration☆913Updated 3 years ago
- A collection of red team and adversary emulation resources developed and released by MITRE.☆515Updated 4 years ago
- RegRipper3.0☆627Updated 7 months ago
- Detect Tactics, Techniques & Combat Threats☆2,187Updated last week
- Investigate malicious Windows logon by visualizing and analyzing Windows event log☆2,934Updated last year
- VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities a…☆1,495Updated last week
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts☆1,163Updated 2 years ago
- Ransomware simulator written in Golang☆442Updated 3 years ago
- MITRE ATT&CK Website☆538Updated last month
- A toolset to make a system look as if it was the victim of an APT attack☆2,632Updated 2 years ago
- Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysi…☆1,272Updated 2 years ago