cgosec / Blauhaunt
A tool collection for filtering and visualizing logon events. Designed to help answer the "Cotton Eye Joe" question (where did you come from, where did you go) in security incidents and threat hunts.
☆175 · Updated 3 months ago
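The question the description poses is answered from the source and destination fields of Windows logon events: each event ID 4624 is recorded on the destination host and names the source in its workstation and IP fields, so chaining them per account yields a hop list. The following is an added example, not Blauhaunt's code or its data model; it runs over a constructed set of events with assumed field names (`computer`, `user`, `domain`, `logon_type`, `ip`, `workstation`), keeps only network (type 3) and RemoteInteractive (type 10) logons, drops machine accounts and anonymous logons, and prints an account's hops in time order:

```python
"""Trace where an account came from and where it went, from Windows 4624-style logon events.

Added example, not part of Blauhaunt. Event records are constructed and use assumed
field names; in real data they would come from Security event ID 4624.
"""
from collections import defaultdict
from datetime import datetime

# Logon type values as documented by Microsoft for event 4624.
LOGON_TYPES = {2: "interactive", 3: "network", 7: "unlock", 9: "newcredentials", 10: "remoteinteractive"}
# Types that imply movement between hosts and therefore yield a source -> destination edge.
LATERAL_TYPES = {3, 10}

# Constructed sample events. "computer" is the host that logged the event (destination);
# "ip" and "workstation" are the source fields from the event body ("-" means absent).
SAMPLE_EVENTS = [
    {"time": "2024-05-01T08:02:11", "computer": "WS01", "user": "alice", "domain": "CORP", "logon_type": 2, "ip": "-", "workstation": "WS01"},
    {"time": "2024-05-01T08:15:40", "computer": "FS01", "user": "alice", "domain": "CORP", "logon_type": 3, "ip": "10.0.1.15", "workstation": "WS01"},
    {"time": "2024-05-01T08:16:02", "computer": "FS01", "user": "FS01$", "domain": "CORP", "logon_type": 3, "ip": "10.0.1.15", "workstation": "WS01"},
    {"time": "2024-05-01T08:31:05", "computer": "DC01", "user": "alice", "domain": "CORP", "logon_type": 10, "ip": "10.0.2.20", "workstation": "FS01"},
    {"time": "2024-05-01T08:33:50", "computer": "DC01", "user": "ANONYMOUS LOGON", "domain": "NT AUTHORITY", "logon_type": 3, "ip": "-", "workstation": "-"},
    {"time": "2024-05-01T08:40:00", "computer": "SQL01", "user": "alice", "domain": "CORP", "logon_type": 3, "ip": "10.0.3.30", "workstation": "DC01"},
    {"time": "2024-05-01T09:00:00", "computer": "WS02", "user": "bob", "domain": "CORP", "logon_type": 2, "ip": "-", "workstation": "WS02"},
]


def is_noise(ev):
    """Drop machine accounts, anonymous logons and logon types that do not cross hosts."""
    user = ev["user"]
    if user.endswith("$") or user.upper() == "ANONYMOUS LOGON":
        return True
    return ev["logon_type"] not in LATERAL_TYPES


def source_of(ev):
    """Prefer the workstation name, fall back to the IP; None when neither is present."""
    ws = ev.get("workstation", "-")
    if ws and ws != "-":
        return ws.upper()
    ip = ev.get("ip", "-")
    return ip if ip and ip != "-" else None


def build_edges(events):
    """Return {'domain\\\\user': [(time, src, dst, logon kind), ...]} sorted by time per account."""
    paths = defaultdict(list)
    for ev in events:
        if is_noise(ev):
            continue
        src = source_of(ev)
        dst = ev["computer"].upper()
        if src is None or src == dst:
            continue  # no usable source, or a logon from the host to itself: no edge
        key = f'{ev["domain"]}\\{ev["user"]}'.lower()
        kind = LOGON_TYPES.get(ev["logon_type"], str(ev["logon_type"]))
        paths[key].append((datetime.fromisoformat(ev["time"]), src, dst, kind))
    for key in paths:
        paths[key].sort()
    return dict(paths)


def trace(events, account):
    """The 'where did you come from, where did you go' answer for one account, one hop per line."""
    hops = build_edges(events).get(account.lower(), [])
    return [f"{t.isoformat()} {src} -> {dst} ({kind})" for t, src, dst, kind in hops]


def pivot_chain(events, account):
    """Hosts reached in order, keeping only hops that start on the host reached by the previous hop."""
    chain = []
    for _, src, dst, _ in build_edges(events).get(account.lower(), []):
        if not chain:
            chain = [src, dst]
        elif src == chain[-1]:
            chain.append(dst)
    return chain


if __name__ == "__main__":
    for line in trace(SAMPLE_EVENTS, "corp\\alice"):
        print(line)
    print("chain:", " -> ".join(pivot_chain(SAMPLE_EVENTS, "corp\\alice")))
```

The noise filter matters more than the graph: without dropping machine accounts and type 2/7 logons, every host's own service logons show up as self-edges and drown the two or three hops that describe the intrusion.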
Alternatives and similar repositories for Blauhaunt
Users that are interested in Blauhaunt are comparing it to the repositories listed below.
- God Mode Detection Rules (☆134, updated last year)
- A repository to share publicly available Velociraptor detection content (☆186, updated this week)
- Active C&C Detector (☆156, updated last year)
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac… (☆150, updated 11 months ago)
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und… (☆125, updated last year)
- A really good DFIR automation for collecting and analyzing evidence, designed for cybersecurity professionals (☆157, updated 5 months ago)
- Mapping of open-source detection rules and atomic tests (☆176, updated 7 months ago)
- A list of RMMs designed to be used in automation to build alerts (☆112, updated 5 months ago)
- The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C… (☆255, updated last year)
- Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs (☆147, updated this week)
- MITRE ATT&CK mapped queries for SentinelOne Deep Visibility (☆92, updated 4 years ago)
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene… (☆87, updated this week)
- A collection of CVEs weaponized by ransomware operators (☆122, updated 3 weeks ago)
- LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that were used by adversaries in their intrusions. T… (☆132, updated 7 months ago)
- CarbonBlack EDR detection rules and response actions (☆71, updated last year)
- VirtualGHOST Detection Tool (☆92, updated last year)
- Finding ClickFix and FakeCAPTCHA like it's 1999 (☆57, updated this week)
- 🧰 ESXi Testing Toolkit is a command-line utility designed to help security teams test ESXi detections (☆78, updated 4 months ago)
- Sigma rules to share with the community (☆121, updated 7 months ago)
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plans and so on (☆82, updated last year)
- Repository for sharing examples of our artifacts data and for use in new analyst recruitment (☆107, updated 4 months ago)
- Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations (☆95, updated 3 weeks ago)
- M365/Azure adversary simulation tool that generates realistic attack telemetry to help blue teams improve their detection and response ca… (☆308, updated last month)
- Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac… (☆89, updated last year)
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation (☆84, updated 3 months ago)
- Canary Detection (☆187, updated 3 months ago)
- LotL RMM (☆238, updated last week)