Alternatives and similar repositories for lupo

Users that are interested in lupo are comparing it to the libraries listed below

• StevenD33 / Lab-DFIR-SOC
  ☆68Updated 4 years ago
• lawiet47 / autoresponder
  Carbon Black Response IR tool
  ☆54Updated 4 years ago
• alex-cart / LEAF
  Linux Evidence Acquisition Framework
  ☆119Updated 10 months ago
• pr0xylife / Emotet
  IOC Collection 2022
  ☆57Updated 2 years ago
• splunk / melting-cobalt
  A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object
  ☆168Updated 2 years ago
• BushidoUK / Abused-Legitimate-Services
  Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups
  ☆60Updated 2 years ago
• BushidoUK / Exploring-APT-campaigns
  Further investigation in to APT campaigns disclosed by private security firms and security agencies
  ☆86Updated 3 years ago
• malvuln / Adversary3
  Malware vulnerability intel tool for third-party attackers
  ☆121Updated 9 months ago
• CronUp / Malware-IOCs
  ☆96Updated 2 months ago
• svdwi / BlueBox
  BlueBox Malware analysis Box and Cyber threat intelligence.
  ☆42Updated 3 years ago
• curated-intel / Initial-Access-Broker-Landscape
  A visualized overview of the Initial Access Broker (IAB) cybercrime landscape
  ☆114Updated 3 years ago
• yarox24 / EvtxHussar
  Initial triage of Windows Event logs
  ☆102Updated last year
• carbonblack / active_c2_ioc_public
  Active C2 IoCs
  ☆99Updated 2 years ago
• cybergoatpsyops / detections
  Placeholder for my detection repo and misc detection engineering content
  ☆42Updated last year
• BinaryDefense / YaraMemoryScanner
  Simple PowerShell script to enable process scanning with Yara.
  ☆95Updated 2 years ago
• CIRCL / factual-rules-generator
  Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
  ☆76Updated 3 years ago
• NVISOsecurity / nviso-cti
  ☆42Updated 3 weeks ago
• HuskyHacks / MalAPIReader
  Reads and prints information from the website MalAPI.io
  ☆38Updated 3 years ago
• TH3xACE / EDR-Test
  Automating EDR Testing with reference to MITRE ATTACK via Cobalt Strike [Purple Team].
  ☆154Updated 2 years ago
• hpthreatresearch / subcrawl
  SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…
  ☆146Updated last year
• MazX0p / ThreatHound
  ☆160Updated last year
• albertzsigovits / malware-notes
  Notes and IoCs of fresh malware
  ☆58Updated last year
• shabarkin / pointer
  Pointer was developed for massive hunting and mapping Cobalt Strike servers exposed on the internet.
  ☆67Updated 3 years ago
• eddiechu / Encrypt-Delete-Test
  Really can protect from ransomware encryption?
  ☆46Updated last year
• JPCERTCC / Lazarus-research
  Lazarus analysis tools and research report
  ☆56Updated last year
• pbssubhash / h0neytr4p
  Easy to configure Honeypot for Blue Team
  ☆41Updated last month
• telekom-security / malware_analysis
  This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts.
  ☆116Updated last year
• AbdulRhmanAlfaifi / Rhaegal
  Rhaegal is a tool written in Python 3 used to scan Windows Event Logs for suspicious logs. Rhaegal uses custom rule format to detect sus…
  ☆41Updated last year
• BinaryDefense / beacon-fronting
  A simple command line program to help defender test their detections for network beacon patterns and domain fronting
  ☆69Updated 3 years ago
• slaughterjames / excelpeek
  ☆38Updated 3 years ago