Alternatives and similar repositories for rogueapps

Users that are interested in rogueapps are comparing it to the libraries listed below

• infosecB / Rulehound
  An index of publicly available and open-source threat detection rulesets.
  ☆119Updated 3 months ago
• elastic / SWAT
  Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK…
  ☆164Updated 9 months ago
• vectra-ai-research / derf
  DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…
  ☆100Updated last year
• Permiso-io-tools / azure-activity-log-axe
  Azure Activity Log Axe is a continually developing tool that simplifies the transactional log format provided by Microsoft. The tool leve…
  ☆28Updated 10 months ago
• syne0 / osprey
  Powershell Based tool for gathering information related to O365 intrusions and potential Breaches
  ☆14Updated 7 months ago
• okta / customer-detections
  ☆138Updated last week
• Yamato-Security / suzaku
  Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.
  ☆136Updated this week
• grahamhelton / IMDSpoof
  IMDSPOOF is a cyber deception tool that spoofs the AWS IMDS service to return HoneyTokens that can be alerted on.
  ☆104Updated last year
• krdmnbrk / AttackRuleMap
  Mapping of open-source detection rules and atomic tests.
  ☆170Updated 6 months ago
• Permiso-io-tools / RansomWhen
  RansomWhen is a tool to enumerate identities that can lock S3 Buckets using KMS, resulting in ransomwares, as well as detect occurances o…
  ☆55Updated 5 months ago
• tsale / EDR-Telemetry-Website
  ☆74Updated last month
• facebookincubator / ForgeArmory
  ForgeArmory provides TTPs that can be used with the TTPForge (https://github.com/facebookincubator/ttpforge).
  ☆115Updated 10 months ago
• gladstomych / AHHHZURE
  AHHHZURE is an automated deployment script that creates a vulnerable Azure cloud lab for offensive security practitioners and enthusiasts…
  ☆105Updated last year
• FalconForceTeam / dAWShund
  Putting a leash on naughty AWS permissions
  ☆126Updated 3 months ago
• cgosec / Blauhaunt
  A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you com…
  ☆172Updated 2 months ago
• nasbench / Eventlog_Compendium
  The Eventlog Compendium is the go-to resource for understanding Windows Event Logs.
  ☆47Updated 3 months ago
• anvilogic-forge / armory
  Anvilogic Forge
  ☆105Updated last week
• montysecurity / YaraMonitor
  Framework for Monitoring File Ingestion Source for Yara Matches
  ☆47Updated 4 months ago
• Permiso-io-tools / capiche
  ☆17Updated last month
• referefref / sinon
  Automation tool for Windows Deception Host Burn-In
  ☆86Updated 7 months ago
• CrowdStrike / VirtualGHOST
  VirtualGHOST Detection Tool
  ☆92Updated last year
• 100DaysofYARA / 2025
  Rules shared by the community from 100 Days of YARA 2025
  ☆32Updated 6 months ago
• DataDog / HASH
  HASH (HTTP Agnostic Software Honeypot)
  ☆138Updated last year
• thinkst / defending-off-the-land
  Assortment of scripts and tools for our Blackhat EU 2024 talk
  ☆95Updated 5 months ago
• silascutler / dockerhoneypot-logs
  Collection of Docker honeypot logs from 2021 - 2024
  ☆36Updated 10 months ago
• 0xAnalyst / Project-Lost
  Living Off Security Tools
  ☆45Updated 9 months ago
• st0pp3r / awesome-detection-engineer
  Online resources related to Detection Engineering. Detection rules, detection logic, attack samples, detection tests and emulation tools…
  ☆109Updated 3 weeks ago
• SygniaLabs / Mirage
  ☆73Updated 4 months ago
• invictus-ir / IOCs
  Invictus Threat Intelligence: IOCs and TTPs from blogs, research and more
  ☆12Updated last month
• fr0gger / nova-framework
  NOVA: The Prompt Pattern Matching
  ☆142Updated last week