Alternatives and similar repositories for tehsat

Users that are interested in tehsat are comparing it to the libraries listed below

• robindimyan / apthowto
  Liberating dem proprietary APT implants
  ☆20Updated 5 years ago
• IceMoonHSV / Sim
  C# User Simulation
  ☆32Updated 2 years ago
• k3idii / CobaltStrike-Tools
  Tools for playing w/ CobaltStrike config - extractin, detection, processing, etc...
  ☆30Updated 2 years ago
• CIRCL / factual-rules-generator
  Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
  ☆76Updated 3 years ago
• Manticore-Platform / manticore-cli
  Manticore Adversary Emulation Cli
  ☆48Updated 5 years ago
• c2defense / network-device-logs
  Analytics for Accounting logs from Network devices
  ☆17Updated 4 years ago
• nettitude / PoshC2_IOCs
  A list of IOCs applicable to PoshC2
  ☆24Updated 5 years ago
• sourcefrenchy / certexfil
  Exfiltration based on custom X509 certificates
  ☆26Updated last year
• shabarkin / pointer
  Pointer was developed for massive hunting and mapping Cobalt Strike servers exposed on the internet.
  ☆68Updated 3 years ago
• ahhh / presentations
  various slides and presentations I've worked on
  ☆19Updated 5 months ago
• lsoumille / Yara_Merger
  Merge all Yara rules from official Yara github repository in one .yar file
  ☆30Updated 7 years ago
• lawiet47 / autoresponder
  Carbon Black Response IR tool
  ☆54Updated 4 years ago
• WithSecureLabs / AMSIDetection
  AMSI detection PoC
  ☆32Updated 5 years ago
• mandiant / goauditparser
  ☆45Updated 2 years ago
• jeFF0Falltrades / IoCs
  A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo
  ☆30Updated 5 years ago
• mitre-attack / joystick
  Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that brings forward the nuances…
  ☆64Updated last year
• jonny-jhnson / Detecting-Process-Injection-Techniques
  This is a repository that is meant to hold detections for various process injection techniques.
  ☆34Updated 5 years ago
• 2igosha / sunburst_dga
  ☆22Updated 4 years ago
• r00tten / VTI-Cosplay
  Low budget VirusTotal Intelligence Cosplay
  ☆20Updated 3 years ago
• Th1ru-M / Windows-Threat-Hunting
  Hunt for Keywords , Mutex, Windows Event,Registry Keys,Process,Schedule tasks in Windows Machine
  ☆22Updated 8 months ago
• arieljt / VTCodeBlocks-Maltego
  Maltego transforms to pivot between PE files based on their VirusTotal codeblocks
  ☆18Updated 4 years ago
• jstrosch / subparse
  Modular malware analysis artifact collection and correlation framework
  ☆53Updated last year
• v1ado / HIPS_LIPS
  Community maintained list of most popular HIPS service and process names on a Windows Platform.
  ☆43Updated 3 years ago
• SIFalcon / Detection
  ☆22Updated 2 years ago
• brokensound77 / toruk
  Crowdstrike Falcon Host script for iterating through instances to get alert and other relevant data
  ☆13Updated 6 years ago
• mandiant / apooxml
  Generate YARA rules for OOXML documents.
  ☆38Updated 2 years ago
• zshehri / MITRE_EDR_Eval
  Parsing MITRE EDR Evaluation results
  ☆12Updated 6 years ago
• dtmsecurity / 3aj-lib
  Proof of concept communications from C# via a web browser process
  ☆21Updated 6 years ago
• y3n11 / Captain
  Userland API monitor for threat hunting
  ☆58Updated 5 years ago
• myrtus0x0 / SMAT
  Standardized Malware Analysis Tool
  ☆54Updated 4 years ago