Alternatives and similar repositories for CCDC

Users that are interested in CCDC are comparing it to the libraries listed below

• nullmonk / detcord
  autopwn + deployment
  ☆15Updated 3 years ago
• OTRF / bloodhound-notebooks
  Notebooks created to attack and secure Active Directory environments
  ☆27Updated 5 years ago
• IceMoonHSV / Sim
  C# User Simulation
  ☆32Updated 2 years ago
• scriptingislife / s3eker
  s3eker is an extensible way to find open S3 buckets.
  ☆17Updated 4 years ago
• praetorian-inc / Okta_Watering_Hole
  Next Generation Phishing Tool For Internal / Red Teams
  ☆35Updated 6 years ago
• Cyb3rWard0g / docker-caldera
  Docker Container to deploy Mitre Caldera Automated Adversary Emulation System
  ☆26Updated 4 years ago
• arekfurt / WinAWL
  ☆18Updated 5 years ago
• OTRF / bloodhound-notebook
  BloodHound Cypher Queries Ported to a Jupyter Notebook
  ☆53Updated 5 years ago
• sebrink / resources
  Resources I've found helpful for learning computing security.
  ☆14Updated 5 years ago
• Blumira / Kerberoast-Detection
  Kerberoast Detection Script
  ☆30Updated 7 months ago
• jckhmr / adlab
  ☆79Updated 5 years ago
• swimlane / PSAttck
  PSAttck is a light-weight framework for the MITRE ATT&CK Framework.
  ☆38Updated 3 years ago
• xFreed0m / Disruption
  Terraform script to deploy AD-based environment on Azure
  ☆41Updated 2 years ago
• SadProcessor / WatchDog
  BloodHound Data Scanner
  ☆45Updated 4 years ago
• ZephrFish / NessusPreFlight
  Nessus Preflight(NPF) Check for local and remote systems. Essentially sets three registry keys and restarts a service to allow nessus to …
  ☆16Updated 2 months ago
• davebremer / Export-SysmonLogs
  ☆11Updated 6 years ago
• darkoperator / vscode-sysmon
  Visual Studio Code Microsoft Sysinternal Sysmon configuration file extension.
  ☆53Updated last year
• mkorman90 / sysmon-config-bypass-finder
  Detect possible sysmon logging bypasses given a specific configuration
  ☆111Updated 6 years ago
• OTRF / Set-AuditRule
  Useful access control entries (ACE) on system access control list (SACL) of securable objects to find potential adversarial activity
  ☆93Updated 3 years ago
• ptswarm / impacket
  Impacket Fork for Contributing and Sharing Our Knowledge about Windows
  ☆66Updated 4 years ago
• jwillyamz / ezEmu
  See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)
  ☆105Updated 2 years ago
• IllusiveNetworks-Labs / HistoricProcessTree
  An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree…
  ☆60Updated 7 years ago
• dsnezhkov / racketeer
  ☆69Updated 3 years ago
• slaughterjames / excelpeek
  ☆38Updated 3 years ago
• wietze / bsides-ldn-2019
  Code and Slides of my BSides London 2019 presentation about Attacker Emulation using CALDERA
  ☆22Updated 6 years ago
• Cyb3rWard0g / infosec-well-done
  A few quick recipes for those that do not have much time during the day
  ☆22Updated 7 months ago
• rgeoghan / app-password-persistence
  Using Microsoft 365 App Passwords for persistence
  ☆23Updated 4 years ago
• PlumHound / PlumHound-Tasks
  Community Tasks/Plans for PlumHound Queueing
  ☆23Updated 2 years ago
• ReconInfoSec / adversary-emulation-map
  Creates an ATT&CK Navigator map of an Adversary Emulation Plan
  ☆17Updated 3 years ago
• paranoidninja / Threat-Hunting
  This repo is dedicated to all my tricks, tweaks and modules for testing and hunting threats. This repo contains multiple directories whic…
  ☆56Updated 7 years ago