brokensound77 / LoFPLinks
Living off the False Positive!
☆39Updated 7 months ago
Alternatives and similar repositories for LoFP
Users that are interested in LoFP are comparing it to the libraries listed below
Sorting:
- Placeholder for my detection repo and misc detection engineering content☆42Updated last year
- A simple tool designed to create Atomic Red Team tests with ease.☆46Updated 5 months ago
- ShellSweeping the evil.☆53Updated last year
- General Content☆26Updated last year
- A home for detection content developed by the delivr.to team☆70Updated 2 weeks ago
- A repository of curated lists with elements such as IoCs to use for threat hunting & detection queries.☆34Updated last year
- This is a repo for fetching Applocker event log by parsing the win-event log☆31Updated 3 years ago
- Yara Rules for Modern Malware☆79Updated last year
- Scripts to for ready-to-use Velociraptor instance deployment in Azure☆14Updated 2 years ago
- A proof-of-concept re-assembler for reverse VNC traffic.☆25Updated 2 years ago
- Providing Azure pipelines to create an infrastructure and run Atomic tests.☆52Updated 2 years ago
- Baseline a Windows System against LOLBAS☆29Updated last year
- MS Graph Commands and Tools for Blue Teamers☆50Updated last year
- urlyzer is a URL parsing analysis tool.☆23Updated last year
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on☆82Updated last year
- Create a cool process tree like https://twitter.com/ACEResponder.☆35Updated 2 years ago
- VTC - Velociraptor Timeline Creator☆18Updated last year
- A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX.☆16Updated last week
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them☆33Updated 2 months ago
- Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups☆60Updated 2 years ago
- Invoke-AtomicAssessment is a powerful tool designed to facilitate adversary emulation by leveraging Atomic Red Team.☆42Updated 7 months ago
- Detection rule validation☆41Updated last year
- Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.☆18Updated 2 years ago
- PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory …☆95Updated last month
- Table of AD and Azure assets and whether they belong to Tier Zero☆27Updated last year
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆74Updated 3 years ago
- ☆11Updated 2 years ago
- create a "simulated internet" cyber range environment☆18Updated 3 months ago
- ☆10Updated last year
- This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam☆27Updated last year