ine-labs / ThreatSeeker
ThreatSeeker: Threat Hunting via Windows Event Logs
β120Updated last year
Alternatives and similar repositories for ThreatSeeker:
Users that are interested in ThreatSeeker are comparing it to the libraries listed below
- π§° ESXi Testing Tookit is a command-line utility designed to help security teams test ESXi detections.β71Updated 2 months ago
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.β153Updated 10 months ago
- A collection of CVEs weaponized by ransomware operatorsβ111Updated this week
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders undβ¦β118Updated 11 months ago
- Completely Risky Active-Directory Simulation Hubβ99Updated last year
- PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices.β100Updated 6 months ago
- β74Updated last week
- β159Updated last year
- Windows Malware Investigation Scripts & Docsβ75Updated 4 months ago
- This tool can gather a lot of info without any defender alerts. It is useful for Penetration testers, SOC Analysts, System administratorsβ¦β28Updated 7 months ago
- Purpleteam scripts simulation & Detection - trigger events for SOC detectionsβ183Updated 3 months ago
- Scripts and piece of codes used for Active Directory configurationβ84Updated 2 years ago
- Powershell tools used for Red Team / Pentesting.β76Updated last year
- A security assessment tool for analyzing Active Directory Group Policy Objects (GPOs) to identify misconfigurations and vulnerabilitiesβ207Updated 2 months ago
- The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory Cβ¦β250Updated last year
- God Mode Detection Rulesβ134Updated 7 months ago
- β174Updated 3 months ago
- Audit tool for Active Directory. Automates a lot of checks from a pentester perspective.β163Updated 5 months ago
- A collection of various SIEM rules relating to malware family groups.β65Updated 9 months ago
- Advanced Email Threat Hunting w/ Detection as Codeβ52Updated last month
- β171Updated last year
- autoNTDS is an automation script designed to simplify the process of dumping and cracking NTDS hashes using secretsdump.py and hashcatβ109Updated last year
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so onβ81Updated 10 months ago
- Advanced Bash script designed for conducting digital forensics on Linux systemsβ140Updated 11 months ago
- VirtualGHOST Detection Toolβ90Updated 10 months ago
- Some important DFIR Resourcesβ83Updated 2 years ago
- Repository where I hold random detection and threat hunting queries that I come up with based on different sources of information (or eveβ¦β155Updated this week
- This repository contains a comprehensive testing designed for evaluating the performance and resilience of Endpoint Detection and Responsβ¦β51Updated 5 months ago
- PowerShell tools to help defenders hunt smarter, hunt harder.β322Updated 2 weeks ago