Alternatives and similar repositories for endpoint-package

Users that are interested in endpoint-package are comparing it to the libraries listed below

• elastic / security-docs
  Elastic Security Documentation
  ☆86Updated this week
• elastic / package-spec
  EPR package specifications
  ☆19Updated last week
• elastic / elastic-agent
  Elastic Agent - single, unified way to add monitoring for logs, metrics, and other types of data to a host.
  ☆177Updated this week
• elastic / endpoint
  ☆36Updated 2 months ago
• elastic / package-storage
  Package storage for packages served through the package registry service
  ☆10Updated 2 years ago
• elastic / observability-docs
  Elastic Observability Documentation
  ☆39Updated 3 weeks ago
• elastic / elastic-package
  elastic-package - Command line tool for developing Elastic Integrations
  ☆60Updated this week
• Allevon412 / ReflectiveDLL_Sektor7
  ☆36Updated 3 years ago
• pathtofile / SealighterTI
  Combining Sealighter with unpatched exploits to run the Threat-Intelligence ETW Provider
  ☆175Updated 2 years ago
• Neo23x0 / defensive-project-ideas
  Ideas for projects for defensive research or blue teaming
  ☆10Updated 2 years ago
• jdu2600 / EtwTi-FluctuationMonitor
  Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections
  ☆134Updated 2 years ago
• SCS-Labs / TheWatchList
  Threat Feeds, Threat lists, and regular lists of known IP ranges and domains. It updates every 4 hours.
  ☆16Updated 4 years ago
• Sh0ckFR / log4j-CVE-2021-44228-Public-IoCs
  Public IoCs about log4j CVE-2021-44228
  ☆9Updated 3 years ago
• thefLink / Hunt-Weird-Syscalls
  ETW based POC to identify direct and indirect syscalls
  ☆185Updated 2 years ago
• dtrizna / SysmonRNN
  All necessary code in order to feed Sysmon data into Recurrent Neural Network
  ☆17Updated 4 years ago
• 0xThiebaut / Signatures
  🚧 Currently transfering TLP:CLEAR rules from TLP:AMBER repository...
  ☆21Updated last year
• MahmoudZohdy / APICallProxy
  Windows API Call Obfuscation
  ☆104Updated 2 years ago
• RedTeamOperations / VEH-PoC
  ☆115Updated 2 years ago
• MSAdministrator / goattck
  A Golang CLI for the MITRE ATT&CK Framework
  ☆12Updated last month
• matterpreter / FindETWProviderImage
  Quickly search for references to a GUID in DLLs, EXEs, and drivers
  ☆74Updated 3 years ago
• thefLink / Hunt-Weird-ImageLoads
  Small tool to play with IOCs caused by Imageload events
  ☆42Updated 2 years ago
• varwara / CVE-2024-21338
  PoC for the Untrusted Pointer Dereference in the appid.sys driver
  ☆16Updated last year
• paranoidninja / Process-Instrumentation-Syscall-Hook
  A simple program to hook the current process to identify the manual syscall executions on windows
  ☆258Updated 2 years ago
• jdu2600 / CFG-FindHiddenShellcode
  Walks the CFG bitmap to find previously executable but currently hidden shellcode regions
  ☆117Updated 2 years ago
• zodiacon / youtubecode
  Youtube channel sample code
  ☆49Updated this week
• joe-desimone / patriot
  ☆141Updated 2 years ago
• jackullrich / syscall-detect
  PoC capable of detecting manual syscalls from usermode.
  ☆196Updated 6 months ago
• elastic / PPLGuard
  ☆70Updated 4 months ago
• YOLOP0wn / EchoDrv
  Exploitation of echo_driver.sys
  ☆170Updated last year
• DGRonpa / Process_Injection
  ☆28Updated 3 years ago