delivr-to / detections
A home for detection content developed by the delivr.to team
☆73 Aug 10, 2025 Updated 6 months ago
Alternatives and similar repositories for detections
Users that are interested in detections are comparing it to the libraries listed below
- ☆10 Jan 22, 2025 Updated last year
- Sublime rules for email attack detection, prevention, and threat hunting. ☆345 Updated this week
- Cobalt Strike (CS) Beacon Object File (BOF) for kernel exploitation using AMD's Ryzen Master Driver (version 17). ☆154 Jan 21, 2023 Updated 3 years ago
- A collection of YARA rules for public use. Built from information in intelligence profiles, dossiers and file work. ☆17 Sep 10, 2023 Updated 2 years ago
- Splunk Technology-AddOn for Aurora Sigma-Based EDR Agent. It helps parse and configure the necessary inputs to neatly consume Aurora EDR … ☆13 Sep 27, 2022 Updated 3 years ago
- Enumerate and check domains for Azure tenants ☆60 Feb 1, 2022 Updated 4 years ago
- A command-line tool and module for the free Sublime Analysis API ☆16 Jun 18, 2024 Updated last year
- A *very* imperfect attempt to correlate Kernel32 function calls to native API (Nt/Zw) counterparts/execution flow. ☆28 Dec 16, 2021 Updated 4 years ago
- ☆17 Sep 14, 2017 Updated 8 years ago
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies ☆34 Sep 15, 2022 Updated 3 years ago
- A C# implementation of dumping credentials from Windows Credential Manager ☆61 Sep 23, 2023 Updated 2 years ago
- Yara Rules for Modern Malware ☆78 Mar 3, 2024 Updated last year
- ☆26 Nov 25, 2025 Updated 2 months ago
- Collection of rules created using YARA-Signator over Malpedia ☆142 Jan 6, 2026 Updated last month
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package ☆35 Mar 28, 2023 Updated 2 years ago
- ☆120 May 26, 2025 Updated 8 months ago
- Python tool for kidnapping Chrome cookies from a MacOS target ☆22 Oct 5, 2022 Updated 3 years ago
- Just another casual shellcode native loader ☆25 Feb 3, 2022 Updated 4 years ago
- SIEGMA - Transform Sigma rules into SIEM consumables ☆159 Mar 10, 2025 Updated 11 months ago
- AAD related enumeration in Nim ☆132 Sep 7, 2023 Updated 2 years ago
- Gain insights into COM/DCOM implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By… ☆157 Nov 23, 2025 Updated 2 months ago
- Extension functionality for the NightHawk operator client ☆26 Nov 3, 2023 Updated 2 years ago
- Yara rules for quick reverse engineering of malware. ☆19 Dec 9, 2015 Updated 10 years ago
- ☆33 Jan 23, 2025 Updated last year
- Federated Office365 user enumeration based on correlated response trend analysis ☆50 May 3, 2022 Updated 3 years ago
- ☆47 Feb 11, 2023 Updated 3 years ago
- A PoC for achieving persistence via push notifications on Windows ☆48 Jun 9, 2023 Updated 2 years ago
- ☆22 Jul 7, 2023 Updated 2 years ago
- ☆129 Jun 28, 2023 Updated 2 years ago
- A repository to share publicly available Velociraptor detection content ☆196 Feb 8, 2026 Updated last week
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF) ☆115 May 21, 2023 Updated 2 years ago
- strongDM SDK for the Python programming language. ☆15 Updated this week
- Method of finding interesting domains using keywords + JARMs ☆13 Jan 30, 2023 Updated 3 years ago
- A network segmentation and egress control testing tool for PCI DSS v4.0 compliance. Automatically discovers network segments, validates i… ☆13 Aug 15, 2025 Updated 6 months ago
- Here are some tools I developed to help analyze malware ☆11 Nov 8, 2023 Updated 2 years ago
- Just a git repo for the sleepmask detection rule I found in https://codex-7.gitbook.io/codexs-terminal-window/blue-team/detecting-cobalt-… ☆16 Jun 4, 2025 Updated 8 months ago
- Test Azure environment for MFA misconfigurations ☆12 Jan 13, 2023 Updated 3 years ago
- Threadless Injection Payload Toolkit ☆12 Oct 12, 2023 Updated 2 years ago
- Detection Ideas & Rules repository. ☆178 Sep 10, 2021 Updated 4 years ago