Cyber Attack/Defense home lab using Sliver, LimaCharlie [SIEM], & VM's to simulate C&C, Threat Detection, etc.
☆12Aug 31, 2023Updated 2 years ago
Alternatives and similar repositories for Document-SOC-SIEM-Homelab
Users that are interested in Document-SOC-SIEM-Homelab are comparing it to the libraries listed below
Sorting:
- Creating a remote keylogger in Python and disguising the executable as a JPEG.☆13Aug 30, 2023Updated 2 years ago
- ultimate-cybersecurity-lab☆23Mar 19, 2024Updated 2 years ago
- Interview questions for SOC Analyst, Sec Engineering, etc☆16Apr 27, 2024Updated last year
- Bypassing AV, EDR, Application Whitelisting and ASR Rules☆13Apr 18, 2023Updated 2 years ago
- ☆11Mar 23, 2024Updated last year
- Write-ups cho một số bài trên Reversing.kr☆12Mar 24, 2023Updated 2 years ago
- Repository for SOC analysts, queries to investigate, advanced hunting, sites for analysis, malware samples, courses to improve skills, IO…☆100Aug 4, 2025Updated 7 months ago
- Alternative password shadowing scheme☆10Feb 22, 2026Updated 3 weeks ago
- Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…☆16Jan 7, 2023Updated 3 years ago
- some AV / EDR / analysis studies☆10May 21, 2023Updated 2 years ago
- ☆11Feb 9, 2023Updated 3 years ago
- EDR/AV Simulation for Malware Development☆13Oct 21, 2023Updated 2 years ago
- 🌌 Real-time threat detection for smart contracts☆10May 16, 2023Updated 2 years ago
- Direct syscalls Injection to bypass AV/EDR☆11May 18, 2024Updated last year
- Event Query Router☆12Aug 9, 2019Updated 6 years ago
- This directory contains random scripts from threat hunting or malware research☆11Feb 15, 2018Updated 8 years ago
- Bypass EDR(Endpoint Detection and Response) environment to write Behinder jsp webshell onto webserver☆13Dec 27, 2023Updated 2 years ago
- BadExclusions is a tool to identify folder custom or undocumented exclusions on AV/EDR☆21Feb 8, 2024Updated 2 years ago
- This project is an EDRSandblast fork, adding some features and custom pieces of code.☆15Jan 10, 2024Updated 2 years ago
- BloodyAv is Custom Shell Code loader to Bypass Av and Edr.☆14Mar 21, 2022Updated 4 years ago
- Transparently call NTAPI via Halo's Gate with indirect syscalls.☆15Apr 26, 2024Updated last year
- CLI Search for Security Operators of MITRE ATT&CK URLs☆17Jan 5, 2023Updated 3 years ago
- ETHICAL-HACKING☆12Dec 20, 2023Updated 2 years ago
- All the useful tools interesting to be used☆24Sep 20, 2022Updated 3 years ago
- Legacy password hashing framework for PHP applications needing to support or having previously supported PHP below 5.5☆16Nov 22, 2024Updated last year
- An (WIP) EDR Evasion tool for x64 Windows & Linux binaries that utilizes Nanomites, written in Rust.☆21Dec 15, 2024Updated last year
- Generate representative samples from Pwned Passwords (HIBP)☆11Jan 6, 2022Updated 4 years ago
- Perform file-based malware scan on your on-prem servers with AWS☆14Oct 31, 2023Updated 2 years ago
- Queries for Carbon Black Response☆11Feb 11, 2020Updated 6 years ago
- This batch script file wants to check your EDR systems detection and response capabilities in a more noisy way!☆12Jul 3, 2020Updated 5 years ago
- Gui grep (and sed) with sessions and history☆15Nov 14, 2025Updated 4 months ago
- Test Suite for John the Ripper☆25Dec 28, 2025Updated 2 months ago
- Quick script to build host or investigation timelines using Carbon Black Response☆12Sep 25, 2018Updated 7 years ago
- Small container runtime for threat detection☆14Apr 13, 2025Updated 11 months ago
- Graphical model of a TCP/IP stack which can be used as a cheatsheet when developing BPF filters.☆16Dec 10, 2019Updated 6 years ago
- Cloud threat detection visualization from excalidraw☆12Apr 25, 2022Updated 3 years ago
- Implementation of bcrypt password hashing scheme☆12Jan 11, 2021Updated 5 years ago
- Detection rules and threat hunting queries in Defender XDR and Azure Sentinel☆16Mar 13, 2026Updated last week
- Threat Detection Rules (Snort/Sigma/Yara)☆14Jan 23, 2024Updated 2 years ago