Alternatives and similar repositories for easy-wins-endpoint-defense

Users that are interested in easy-wins-endpoint-defense are comparing it to the libraries listed below

• keydet89 / Events-Ripper

  View on GitHub
  Project based on RegRipper, to extract add'l value/pivot points from TLN events file
  ☆89Feb 9, 2025Updated last year
• herbiezimmerman / Windows-Event-Logs-With-Event-IDs

  View on GitHub
  A running list of Windows sources and the related event ids.
  ☆19Aug 2, 2023Updated 2 years ago
• mdsecactivebreach / PleasantTools

  View on GitHub
  Tools for Attacking Pleasant Password Server
  ☆22Sep 19, 2023Updated 2 years ago
• accuknox / k8sthreatmodeling

  View on GitHub
  Threat Modeling (based on STRIDE approach) for Kubernetes systems.
  ☆25Oct 14, 2024Updated last year
• CiscoSE / SnortBlocklistImporter

  View on GitHub
  This is a script to import Cisco Talos's IP Blacklist into a Tag (Host Group) within Stealthwatch. This will also optionally create a Cu…
  ☆11May 22, 2023Updated 2 years ago
• RAB301000001C3 / PCAPEXTRACT

  View on GitHub
  Packet Analysis on Steroids
  ☆12Oct 20, 2022Updated 3 years ago
• jstrosch / subcrawl

  View on GitHub
  SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…
  ☆55Dec 5, 2024Updated last year
• globecyber / Infornito

  View on GitHub
  Extract forensic interesting information from Chrome, Firefox, Safari browsers ...
  ☆27May 11, 2019Updated 6 years ago
• brianreitz / awesome-blueteam

  View on GitHub
  A list of resources to build a information security team.
  ☆13Feb 10, 2021Updated 5 years ago
• petebryan / blue_team_con

  View on GitHub
  ☆17Aug 27, 2022Updated 3 years ago
• elementalsouls / DumpLSASS

  View on GitHub
  ☆33Feb 27, 2024Updated last year
• SigmaHQ / pySigma-backend-insightidr

  View on GitHub
  ☆15Aug 29, 2025Updated 5 months ago
• blackhillsinfosec / EventLogging

  View on GitHub
  Automation scripts to deploy Windows Event Forwarding, Sysmon, and custom audit policies in an Active Directory environment.
  ☆489Nov 21, 2024Updated last year
• aapooksman / privateAPN

  View on GitHub
  Set of tools and documentation for leveraging private APNs for mobile network traffic analysis
  ☆28Sep 2, 2024Updated last year
• EdwardsCP / powershell-scripts

  View on GitHub
  ☆25Dec 8, 2021Updated 4 years ago
• riparino / Task_Scheduler_ALPC

  View on GitHub
  PoC exploit for late August 2018 Task Scheduler ALPC Vulnerability
  ☆24Oct 10, 2019Updated 6 years ago
• moloch-- / sliver-script

  View on GitHub
  TypeScript/JavaScript client libraries for Sliver
  ☆24Feb 27, 2023Updated 2 years ago
• weslambert / velocistack

  View on GitHub
  ☆54May 14, 2024Updated last year
• connormcgarr / Presentations

  View on GitHub
  ☆30Sep 5, 2025Updated 5 months ago
• mubix / windows-hardening

  View on GitHub
  Because I can't find scripts to do this anywhere else...
  ☆26Dec 27, 2016Updated 9 years ago
• archanchoudhury / Threat-Hunting

  View on GitHub
  This Repository gives the best and possible strategies against hunting the ransomware
  ☆26Aug 23, 2022Updated 3 years ago
• idnahacks / GoodHound

  View on GitHub
  Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.
  ☆483Jul 9, 2024Updated last year
• larryhastings / pyweek24

  View on GitHub
  PyWeek #24 entry for Dan and Larry
  ☆20Feb 13, 2018Updated 8 years ago
• rootsecdev / Presentations

  View on GitHub
  Presentations from Conferences
  ☆30Sep 14, 2024Updated last year
• jgasmussen / Case_Notes.py

  View on GitHub
  Case_Notes.py is a cross-platform (Windows, macOS, & Linux) python script to help make the documentation process easier.
  ☆26Jun 24, 2023Updated 2 years ago
• invictus-ir / ALFA

  View on GitHub
  ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…
  ☆173Jan 30, 2026Updated 2 weeks ago
• olafhartong / WDACme

  View on GitHub
  A WDAC configuration repository with the sole intention of enriching MDE
  ☆30Jun 18, 2025Updated 7 months ago
• reprise99 / 4688-sysmon

  View on GitHub
  ☆61Jun 24, 2023Updated 2 years ago
• MagnetForensics / Magnet-RESPONSE-PowerShell

  View on GitHub
  PowerShell scripts for running Magnet RESPONSE forensic collection tool in large enterprises.
  ☆30Jan 9, 2025Updated last year
• bvoris / mitreattackthreatmodeling

  View on GitHub
  This provides a guided step by step walkthrough for threat modeling with MITRE ATT&CK Framework
  ☆30Jan 7, 2026Updated last month
• ostif-org / OSTIF

  View on GitHub
  Security Work and Manual Reviews facilitated by Open Source Technology Improvement Fund, aka OSTIF
  ☆35Jan 21, 2026Updated 3 weeks ago
• cudeso / CSIRT-Jump-Bag

  View on GitHub
  CSIRT Jump Bag
  ☆27Apr 25, 2024Updated last year
• mandiant / citrix-ioc-scanner-cve-2023-3519

  View on GitHub
  ☆66Sep 1, 2023Updated 2 years ago
• its-a-feature / HealthInspector

  View on GitHub
  JXA situational awareness helper by simply reading specific files on a filesystem
  ☆82Feb 18, 2022Updated 3 years ago
• wand3rlust / Hitchhikers-Guide-to-URL-Analysis

  View on GitHub
  Collection of Tools & Techniques for analyzing URLs
  ☆33Oct 1, 2023Updated 2 years ago
• raesene / eathar

  View on GitHub
  ☆45May 12, 2025Updated 9 months ago
• michael-fischer / SaintconPython

  View on GitHub
  One Day of Python for SaintCon 2022
  ☆11Jan 3, 2023Updated 3 years ago
• yoryio / ShodanFavicon

  View on GitHub
  List of MurmurHash3 favicon hashes of widely used technologies by vendor to search with Shodan.
  ☆35Apr 14, 2024Updated last year
• DingyShark / nuclei-scan-sort

  View on GitHub
  Simple Python script to sort nuclei scans by severity and URL
  ☆29May 24, 2023Updated 2 years ago