Alternatives and similar repositories for Windows-Sandbox-Flare-VM

Users that are interested in Windows-Sandbox-Flare-VM are comparing it to the libraries listed below

• bobby-tablez / Enable-All-The-Logs
  This script enhances endpoint logging telemetry for the purpose of advanced malware threat detection or for building detections or malwar…
  ☆35Updated 7 months ago
• xg5-simon / MS-Graph-BlueTeam
  MS Graph Commands and Tools for Blue Teamers
  ☆51Updated 2 years ago
• AlbinoGazelle / esxi-testing-toolkit
  🧰 ESXi Testing Tookit is a command-line utility designed to help security teams test ESXi detections.
  ☆79Updated 6 months ago
• cisagov / Ludus
  Ludus is a system to build easy to use cyber environments, or "ranges" for testing and development.
  ☆72Updated last year
• MHaggis / ASRGEN
  ASR Configurator, Essentials and Atomic Testing
  ☆99Updated 7 months ago
• ANSSI-FR / orc2timeline
  orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them
  ☆34Updated 4 months ago
• ozpingux / BasicLinuxForensicScript
  Bash Script to extract GNU/Linux forensic artifacts for digital forensic analysis and incident response.
  ☆43Updated 2 years ago
• DFIRKuiper / Hoarder
  ☆20Updated 3 years ago
• Yamato-Security / sigma-to-hayabusa-converter
  Documentation and tools to curate Sigma rules for Windows event logs into easier to parse rules.
  ☆16Updated 3 weeks ago
• NetSPI / PowerHunt
  PowerHunt is a modular threat hunting framework written in PowerShell that leverages PowerShell Remoting for data collection on scale.
  ☆71Updated 11 months ago
• FrankMcGovern / Hidden-Vendor-Security-Advisories
  This repo contains a list of vendors that hide their security advisories, alerts, notices, vulnerabilities, and more behind either a payw…
  ☆32Updated last year
• SafeBreach-Labs / DoubleDrive
  A fully-undetectable ransomware that utilizes OneDrive & Google Drive to encrypt target local files
  ☆127Updated last year
• mttaggart / venture
  Venture: Cross-Platform GUI tool for parsing and analyzing Windows event logs
  ☆91Updated 9 months ago
• LuccaSA / PingCastle-Notify
  Monitor your PingCastle scans to highlight the rule diff between two scans
  ☆153Updated last month
• techspence / AppLockerInspector
  Audits an AppLocker policy XML and reports weak/misconfigured/risky settings, including actual ACL checks.
  ☆117Updated 3 months ago
• janstarke / ntdsextract2
  This aims to be a collection of tools to forensically analyze Active Directory databases
  ☆25Updated 5 months ago
• nyxgeek / track_the_planet
  DEFCON 31 slide deck and video link
  ☆65Updated 5 months ago
• nasbench / Misc-Research
  A collection of tools, scripts and personal research
  ☆146Updated 3 months ago
• kacos2000 / Evtx_Log_Browser
  Evtx Log (xml) Browser
  ☆55Updated 2 years ago
• jstrosch / subcrawl
  SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…
  ☆54Updated 11 months ago
• akamai / Invoke-DHCPCheckup
  ☆109Updated last year
• jischell-msft / RemoteManagementMonitoringTools
  Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations
  ☆99Updated 3 months ago
• MHaggis / AppLockerGen
  AppLocker Policy Generator
  ☆24Updated 2 months ago
• CrowdStrike / VirtualGHOST
  VirtualGHOST Detection Tool
  ☆96Updated last year
• tsale / EDR-Telemetry-Website
  ☆74Updated this week
• haim-n / Windows-Security-Assessment
  Assess Windows OS for security misconfigurations and hardening opportunities.
  ☆34Updated last year
• reprise99 / 4688-sysmon
  ☆61Updated 2 years ago
• sans-blue-team / DNS-Exfiltrate
  ☆27Updated 2 years ago
• Bert-JanP / Domain-Response
  Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specificly designed to autom…
  ☆49Updated 2 months ago
• mandiant / citrix-ioc-scanner-cve-2023-3519
  ☆67Updated 2 years ago