jorritfolmer / EDRevals

Related projects ⓘ

Alternatives and complementary repositories for EDRevals

• Th1ru-M / Windows-Threat-Hunting
  Hunt for Keywords , Mutex, Windows Event,Registry Keys,Process,Schedule tasks in Windows Machine
  ☆22Updated 3 years ago
• cabve / CbR
  Queries for Carbon Black Response
  ☆11Updated 4 years ago
• tevora-threat / atomic_red_team_gui
  Windows GUI/Execution Engine for Atomic Red Team Atomics
  ☆34Updated 4 years ago
• StefanKelm / yara-rules
  Links to malware-related YARA rules
  ☆14Updated 2 years ago
• jsecurity101 / Detecting-Process-Injection-Techniques
  This is a repository that is meant to hold detections for various process injection techniques.
  ☆33Updated 4 years ago
• intelforge / tmc
  Threat Mapping Catalogue
  ☆17Updated 3 years ago
• olafhartong / detection-sources
  ☆53Updated 5 years ago
• deep-security / sysmon-config
  ☆13Updated 4 years ago
• mitre-attack / evals_caldera
  A CALDERA plugin for ATT&CK Evaluations Round 1
  ☆33Updated last year
• carbonblack / active_c2_ioc_public
  Active C2 IoCs
  ☆96Updated last year
• mitre-attack / attack-evals
  ATT&CK Evaluations website (DEPRECATED)
  ☆59Updated 3 years ago
• vmapps / attack2neo
  Import Mitre Att&ck into Neo4j database
  ☆33Updated last year
• conexioninversa / WOPR
  Globally distributed honeypots and HoneyNets IOCs and file reversing
  ☆16Updated 7 months ago
• cyware-labs / Threat-Response-Docker
  ☆41Updated last year
• bro / bro-osquery
  Bro integration with osquery
  ☆15Updated last year
• Kart1keya / Hachi
  This tool maps a file's behavior on MITRE ATT&CK matrix.
  ☆57Updated 4 years ago
• mandiant / goauditparser
  ☆43Updated last year
• OTRF / bloodhound-notebook
  BloodHound Cypher Queries Ported to a Jupyter Notebook
  ☆53Updated 4 years ago
• YossiSassi / Get-NetSessionEnum
  Automate Network sessions enumeration of connected users in the domain, to facilitate AD Reconnaissance for Adversary simulation & Red Te…
  ☆15Updated 4 years ago
• fatihsirin / Tweettioc-Splunk-App
  Tweettioc Splunk App
  ☆20Updated 4 years ago
• SecurityRiskAdvisors / dredd
  Automated detection rule analysis utility
  ☆29Updated 2 years ago
• tianyulab / ThreatDetectionRules
  威胁检测规则集
  ☆15Updated 5 years ago
• f8al / TA-Shell
  Splunk scripted input for opening a backconnect shell on a remote forwarder
  ☆45Updated 4 years ago
• 3xpl01tc0d3r / Building-ActiveDirectory-Lab
  Building ActiveDirectory Lab for practicing various attack vectors used during Red Team engagement.
  ☆36Updated 4 years ago
• SadProcessor / WatchDog
  BloodHound Data Scanner
  ☆43Updated 4 years ago
• sisoc-tokyo / Real-timeDetectionAD_ver2
  ☆82Updated 3 years ago
• olafhartong / sysmon-modular-linux
  A repository of Sysmon For Linux configuration modules
  ☆15Updated 3 years ago
• aaronst / talks
  Presentation materials for talks I've given.
  ☆20Updated 5 years ago
• activeshadow / go-atomicredteam
  go-atomicredteam is a Golang application to execute tests as defined in the atomics folder of Red Canary's Atomic Red Team project (https…
  ☆46Updated last year