ahmedkhlief / APT-Hunter
APT-Hunter is a threat-hunting tool for Windows event logs, built with a purple-team mindset, that detects APT movements hidden in the sea of Windows event logs and shortens the time needed to uncover suspicious activity.
☆1,341 · Updated 7 months ago
Alternatives and similar repositories for APT-Hunter
Users that are interested in APT-Hunter are comparing it to the libraries listed below
- Defences against Cobalt Strike ☆1,288 · Updated 2 years ago
- Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder](https://github.com/redcanaryco/atomic-red… ☆917 · Updated last month
- Windows Events Attack Samples ☆2,375 · Updated 2 years ago
- Open Source EDR for Windows ☆1,251 · Updated 2 years ago
- An Active Defense and EDR software to empower Blue Teams ☆1,277 · Updated last year
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs ☆720 · Updated 2 months ago
- Automatically created C2 Feeds ☆618 · Updated this week
- Set of EVTX samples (>270) mapped to MITRE ATT&CK tactics and techniques to measure your SIEM coverage or develop new use cases. ☆577 · Updated 5 months ago
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders ☆913 · Updated last year
- VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities a… ☆1,485 · Updated this week
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts ☆1,158 · Updated last year
- Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detection… ☆852 · Updated 3 years ago
- A collection of red team and adversary emulation resources developed and released by MITRE. ☆512 · Updated 4 years ago
- A repository of sysmon configuration modules ☆2,812 · Updated 10 months ago
- This project aims to compare and evaluate the telemetry of various EDR products. ☆1,810 · Updated last week
- TrustedSec Sysinternals Sysmon Community Guide ☆1,220 · Updated last year
- Detect Tactics, Techniques & Combat Threats ☆2,175 · Updated 3 weeks ago
- Hunting queries and detections ☆807 · Updated 5 months ago
- Utilities for MITRE™ ATT&CK ☆1,032 · Updated last year
- PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monit… ☆809 · Updated 6 months ago
- Bloodhound Reporting for Blue and Purple Teams ☆1,200 · Updated 4 months ago
- Sophos-originated indicators-of-compromise from published reports ☆599 · Updated 2 weeks ago
- Collection of Event ID resources useful for Digital Forensics and Incident Response ☆616 · Updated last year
- Utilities for Sysmon ☆1,529 · Updated 3 months ago
- Investigate malicious Windows logons by visualizing and analyzing Windows event logs ☆2,906 · Updated last year
- Actionable analytics designed to combat threats ☆989 · Updated 3 years ago