Alternatives and similar repositories for Red-team-toolkit

Users that are interested in Red-team-toolkit are comparing it to the libraries listed below

• AmirHoseinTangsiriNET / EventLogSilencer
  EventLogSilencer is a PowerShell script designed for disable Windows Event Logging
  ☆17Updated last year
• vc0RExor / Malware-Threat-Reports
  A full analysis report detailing as much as possible of a Malware or a Threat
  ☆31Updated last year
• QueenSquishy / Zombie
  General Content
  ☆26Updated last year
• cybergoatpsyops / detections
  Placeholder for my detection repo and misc detection engineering content
  ☆42Updated last year
• RedTeamOperations / Detecting-Adversarial-Tradecrafts-Tools-by-leveraging-ETW
  CyberWarFare Labs hands-on workshop on the topic "Detecting Adversarial Tradecrafts/Tools by leveraging ETW"
  ☆50Updated 3 years ago
• sourcefrenchy / DEFCON-30---Exotic-Data-Exfiltration
  Slides from my talk at the Adversary Village, Defcon 30
  ☆29Updated 2 years ago
• vc0RExor / Quick-Analysis
  Quick analysis focusing on most important of a Malware or a Threat
  ☆41Updated 2 years ago
• CronUp / EnAnalisis
  ☆44Updated this week
• AhmedKamal1432 / Evilize
  Triaging Windows event logs based on SANS Poster
  ☆41Updated last month
• DISREL / Conti-Leaked-Playbook-TTPs
  MITRE TTPs derived from Conti's leaked playbooks from XSS.IS
  ☆40Updated 3 years ago
• 0xThiebaut / PCAPeek
  A proof-of-concept re-assembler for reverse VNC traffic.
  ☆25Updated 2 years ago
• DeanOfCyber / Active-Directory-Penetration-Testing-and-Security
  Resources for AD penetration testing and security
  ☆33Updated 3 years ago
• SevenStones / auditpolCIS
  CIS Benchmark testing of Windows SIEM configuration
  ☆45Updated 2 years ago
• curated-intel / Initial-Access-Broker-Landscape
  A visualized overview of the Initial Access Broker (IAB) cybercrime landscape
  ☆114Updated 3 years ago
• mvelazc0 / SharpShareFinder
  SharpShareFinder is a minimalistic network share discovery POC designed to enumerate shares in Windows Active Directory networks leveragi…
  ☆30Updated last year
• ZephrFish / AutoHoneyPoC
  AutoPoC Generator HoneyPoC
  ☆35Updated 5 months ago
• xg5-simon / MS-Graph-BlueTeam
  MS Graph Commands and Tools for Blue Teamers
  ☆50Updated last year
• ashemery / REDM
  Reverse Engineering and Debugging Malware
  ☆32Updated 2 years ago
• Orange-Cyberdefense / sikara
  Ease and assist the compromise of an Active Directory environment.
  ☆30Updated 4 years ago
• OSTEsayed / OSTE-MalStatWare
  MalStatWare automates malware analysis with Python. Extract key details like file size, type, hash, path, and digital signature. It analy…
  ☆30Updated last year
• elastic / Silhouette
  Keep it secret, keep it safe
  ☆78Updated 8 months ago
• Sh1n0g1 / z9
  PowerShell Script Analyzer
  ☆70Updated last year
• nickzer0 / RedLab
  Files to automatically deploy red team Active Directory test lab
  ☆47Updated 3 years ago
• embee-research / Yara-detection-rules
  Yara Rules for Modern Malware
  ☆79Updated last year
• RedSiege / GPPDeception
  This script generates a groups.xml file that mimics a real GPP to create a new user on domain-joined computers
  ☆46Updated 5 years ago
• magicsword-io / LOLBASline
  Baseline a Windows System against LOLBAS
  ☆68Updated last year
• simeononsecurity / Windows-Hardening-CTF
  A windows hardening script that makes it difficult to compromise a Windows device. Only for use during Blue-Team Competitions.
  ☆28Updated last year
• ignacioj / WhacAMole
  Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…
  ☆42Updated last year
• BinaryDefense / YaraMemoryScanner
  Simple PowerShell script to enable process scanning with Yara.
  ☆96Updated 3 years ago
• RomaissaAdjailia / Get-AppLockerEventlog
  This is a repo for fetching Applocker event log by parsing the win-event log
  ☆31Updated 3 years ago