ahmedkhlief / APT-HunterLinks
APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity
☆1,366Updated 9 months ago
Alternatives and similar repositories for APT-Hunter
Users that are interested in APT-Hunter are comparing it to the libraries listed below
Sorting:
- Open Source EDR for Windows☆1,269Updated 2 years ago
- Defences against Cobalt Strike☆1,288Updated 3 years ago
- Automatically created C2 Feeds☆636Updated this week
- Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder](https://github.com/redcanaryco/atomic-red…☆943Updated 3 months ago
- Elastic Security detection content for Endpoint☆1,259Updated last week
- ☆549Updated last year
- An Active Defense and EDR software to empower Blue Teams☆1,291Updated 2 years ago
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆738Updated 4 months ago
- Windows Events Attack Samples☆2,412Updated 2 years ago
- WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ)☆783Updated 2 years ago
- Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detection…☆854Updated 3 years ago
- ☆1,093Updated last year
- Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.☆588Updated 7 months ago
- This project aims to compare and evaluate the telemetry of various EDR products.☆1,824Updated 2 months ago
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders☆936Updated last year
- Sophos-originated indicators-of-compromise from published reports☆626Updated 2 weeks ago
- ☆513Updated 10 months ago
- Ransomware simulator written in Golang☆445Updated 3 years ago
- Scan files or process memory for CobaltStrike beacons and parse their configuration☆914Updated 4 years ago
- Investigate malicious Windows logon by visualizing and analyzing Windows event log☆2,969Updated last year
- VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities a…☆1,501Updated last month
- Indicators of compromise (IOCs) collected from public resources and categorized by Qi-AnXin.☆944Updated 5 months ago
- Interesting APT Report Collection And Some Special IOCs☆2,667Updated this week
- Utilities for Sysmon☆1,539Updated 5 months ago
- RegRipper3.0☆634Updated 8 months ago
- A toolset to make a system look as if it was the victim of an APT attack☆2,636Updated 2 years ago
- Detect Tactics, Techniques & Combat Threats☆2,194Updated 3 weeks ago
- A collection of red team and adversary emulation resources developed and released by MITRE.☆517Updated 4 years ago
- Scan installed EDRs and AVs on Windows☆591Updated last month
- A utility to safely generate malicious network traffic patterns and evaluate controls.☆1,319Updated last year