alwashali / detection-validationLinks
Detection rule validation
☆41Updated last year
Alternatives and similar repositories for detection-validation
Users that are interested in detection-validation are comparing it to the libraries listed below
Sorting:
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…☆53Updated 8 months ago
- Placeholder for my detection repo and misc detection engineering content☆42Updated last year
- MS Graph Commands and Tools for Blue Teamers☆50Updated last year
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them☆33Updated 2 months ago
- Yara Rules for Modern Malware☆79Updated last year
- Contains compiled binaries of Volatility☆34Updated 3 months ago
- Simple PowerShell script to enable process scanning with Yara.☆97Updated 2 years ago
- Tools and scripts to deploy and manage OpenRelik instances☆14Updated 2 months ago
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)☆69Updated last year
- Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's☆62Updated 8 months ago
- Create a cool process tree like https://twitter.com/ACEResponder.☆35Updated 2 years ago
- Linux Baseline and Forensic Triage Tool - BETA☆57Updated 2 years ago
- ☆33Updated last year
- A C# based tool for analysing malicious OneNote documents☆114Updated 2 years ago
- A proof-of-concept re-assembler for reverse VNC traffic.☆25Updated 2 years ago
- An exercise to practice deobfuscating PowerShell Scripts.☆26Updated 2 years ago
- Providing Azure pipelines to create an infrastructure and run Atomic tests.☆52Updated 2 years ago
- Baseline a Windows System against LOLBAS☆29Updated last year
- Thor Artifacts for Velociraptor☆17Updated last year
- A home for detection content developed by the delivr.to team☆70Updated 2 weeks ago
- ☆22Updated 2 years ago
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on☆82Updated last year
- A full analysis report detailing as much as possible of a Malware or a Threat☆30Updated last year
- Quick ESXi Log Parser☆24Updated last week
- Rapid7 Labs operates as the division of Rapid7 focused on threat research. It is renowned for providing comprehensive threat intelligence…☆69Updated 2 months ago
- Rules Shared by the Community from 100 Days of YARA 2023☆78Updated 2 years ago
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.☆27Updated 2 years ago
- A GUI to query the API of abuse.ch.☆70Updated 3 years ago
- CarbonBlack EDR detection rules and response actions☆71Updated 11 months ago
- Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.☆18Updated 2 years ago