elastic / endpoint-package
Repo for developing the endpoint package
☆26 Updated this week
Alternatives and similar repositories for endpoint-package
Users that are interested in endpoint-package are comparing it to the libraries listed below
- Elastic Security Documentation ☆86 Updated this week
- ☆37 Updated 2 months ago
- Package storage for packages served through the package registry service ☆10 Updated 2 years ago
- Command line tool used for generating events corpus dynamically given a specific integration ☆23 Updated 4 months ago
- elastic-package - Command line tool for developing Elastic Integrations ☆61 Updated last week
- A Golang CLI for the MITRE ATT&CK Framework ☆12 Updated last month
- Kubernetes offensive framework built in eBPF ☆37 Updated 2 years ago
- This repository contains generated contextual data utilized by pyattck. ☆19 Updated 3 months ago
- A CALDERA plugin ☆22 Updated last month
- 🚧 Currently transferring TLP:CLEAR rules from TLP:AMBER repository... ☆21 Updated last year
- Collection of my own detection rules ☆20 Updated last year
- This repository contains an IDA processor for loading and disassembling compiled yara rules. ☆41 Updated 5 months ago
- ☆17 Updated 2 years ago
- Detection Rule License (DRL) ☆17 Updated 5 months ago
- Quickly search for references to a GUID in DLLs, EXEs, and drivers ☆74 Updated 3 years ago
- Ideas for projects for defensive research or blue teaming ☆10 Updated 2 years ago
- TypeScript/JavaScript client libraries for Sliver ☆20 Updated 2 years ago
- An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to … ☆21 Updated last year
- Rapidly building a Windows 10 system to use for dynamic malware analysis (sandbox), sending data to Elastic Cloud. ☆50 Updated last year
- Vovk is framework of tools that include a WinDbg extension that generates in-depth YARA rules for malware. ☆23 Updated 10 months ago
- Combining Sealighter with unpatched exploits to run the Threat-Intelligence ETW Provider ☆176 Updated 2 years ago
- Elastic Agent - single, unified way to add monitoring for logs, metrics, and other types of data to a host. ☆180 Updated this week
- Threat Feeds, Threat lists, and regular lists of known IP ranges and domains. It updates every 4 hours. ☆16 Updated 4 years ago
- Code for BH21 talk: "Generating YARA Rules by Classifying Malicious Byte Sequences" ☆17 Updated 4 months ago
- IDA Python scripts ☆37 Updated 2 months ago
- PowerShell Scripts for the Public IT System Administrators and more ☆14 Updated 3 years ago
- ☆75 Updated 2 years ago
- Report and exploit of CVE-2023-36427 ☆90 Updated last year
- QuasarRAT analysis tools and research report ☆27 Updated last year
- A small security playground implementation of GHOSTS User Simulation framework with an Active Directory deployment and Elastic. ☆18 Updated 11 months ago