magicsword-io / LOLRMM
LotL RMM
☆86Updated last month
Related projects ⓘ
Alternatives and complementary repositories for LOLRMM
- A repository to share publicly available Velociraptor detection content☆119Updated this week
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation☆66Updated this week
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆75Updated 2 weeks ago
- A list of RMMs designed to be used in automation to build alerts☆108Updated last week
- Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations☆78Updated 3 months ago
- Active C&C Detector☆149Updated last year
- CarbonBlack EDR detection rules and response actions☆71Updated 2 months ago
- M365/Azure adversary simulation tool designed to simulate adversary techniques and generate attack telemetry.☆111Updated 6 months ago
- MITRE ATT&CK mapped queries for SentinelOne Deep Visiblity☆85Updated 3 years ago
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.☆148Updated 5 months ago
- This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.☆94Updated last year
- An opensource sigma conversion tool built using pysigma☆95Updated this week
- Sigma rules to share with the community☆115Updated last month
- A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you com…☆161Updated this week
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆68Updated 11 months ago
- ☆82Updated 2 months ago
- ☆75Updated 2 weeks ago
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.☆50Updated 2 weeks ago
- Harness the power of Splunk for your investigations☆76Updated 2 weeks ago
- A collection of various SIEM rules relating to malware family groups.☆61Updated 4 months ago
- Collection of scripts/resources/ideas for attack surface reduction and additional logging to enable better threat hunting on Windows endp…☆38Updated 7 months ago
- A repository of my own Sigma detection rules.☆156Updated 2 months ago
- Intel Retrieval Augmented Generation (RAG) Utilities☆87Updated 9 months ago
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation☆75Updated 5 months ago
- Notes on responding to security breaches relating to Azure AD☆96Updated 2 years ago
- Powershell module for VMWare vSphere forensics☆140Updated this week
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac…☆139Updated last month
- Dettectinator - The Python library to your DeTT&CT YAML files.☆104Updated last week
- The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C…☆231Updated 11 months ago
- MDE relies on some of the Audit settings to be enabled☆97Updated 2 years ago