mandiant/sunburst_countermeasures external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

mandiant/sunburst_countermeasures

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/mandiant/sunburst_countermeasures)

Close

mandiant / sunburst_countermeasuresView on GitHubMore

• External links
• Readme badge

☆560Jun 1, 2023Updated 2 years ago

Alternatives and similar repositories for sunburst_countermeasures

Users that are interested in sunburst_countermeasures are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• mandiant / red_team_tool_countermeasures

  View on GitHub
  ☆2,666Mar 5, 2024Updated 2 years ago
• bambenek / research

  View on GitHub
  ☆100Dec 21, 2020Updated 5 years ago
• RedDrip7 / SunBurst_DGA_Decode

  View on GitHub
  SunBurst DGA Decode Script
  ☆206Jan 10, 2021Updated 5 years ago
• 2igosha / sunburst_dga

  View on GitHub
  ☆22Dec 22, 2020Updated 5 years ago
• eanmeyer / SolarwindsVulnerablityInfo

  View on GitHub
  Repository with all the Solarwinds Vulnerability information I've been tracking and using for communications, review, and technical under…
  ☆25Dec 19, 2020Updated 5 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• mandiant / ThreatPursuit-VM

  View on GitHub
  Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysi…
  ☆1,304Jun 1, 2023Updated 2 years ago
• mubix / solarflare

  View on GitHub
  SolarWinds Orion Account Audit / Password Dumping Utility
  ☆354Oct 9, 2023Updated 2 years ago
• sbousseaden / EVTX-ATTACK-SAMPLES

  View on GitHub
  Windows Events Attack Samples
  ☆2,549Jan 24, 2023Updated 3 years ago
• rkovar / sunburstlookups

  View on GitHub
  Quick lookup files for SUNBURST Backdoor
  ☆12Dec 15, 2020Updated 5 years ago
• sophos / SOREL-20M

  View on GitHub
  Sophos-ReversingLabs 20 million sample dataset
  ☆695Apr 7, 2021Updated 5 years ago
• chaoticmachinery / frac_rift

  View on GitHub
  FRAC and RIFT
  ☆17Mar 16, 2019Updated 7 years ago
• activecm / rita-legacy

  View on GitHub
  Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…
  ☆2,513Jan 12, 2026Updated 3 months ago
• SigmaHQ / sigma

  View on GitHub
  Main Sigma Rule Repository
  ☆10,309Apr 1, 2026Updated 2 weeks ago
• cisagov / Sparrow

  View on GitHub
  Sparrow.ps1 was created by CISA's Cloud Forensics team to help detect possible compromised accounts and applications in the Azure/m365 en…
  ☆1,429Dec 27, 2022Updated 3 years ago
• GPUs on demand by Runpod - Special Offer Available • Ad
  Run AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
• mandiant / pulsesecure_exploitation_countermeasures

  View on GitHub
  ☆23Jun 1, 2023Updated 2 years ago
• reversinglabs / reversinglabs-yara-rules

  View on GitHub
  ReversingLabs YARA Rules
  ☆902Nov 3, 2025Updated 5 months ago
• Neo23x0 / signature-base

  View on GitHub
  YARA signature and IOC database for my scanners and tools
  ☆2,917Updated this week
• Shadow0ps / solorigate_sample_source

  View on GitHub
  Decompile of the Solorwinds "SUNBURST" Trojan associated with Campaign UNC2452 This is the SolarWinds.Orion.Core.BusinessLayer.dll file f…
  ☆44Dec 14, 2020Updated 5 years ago
• clong / DetectionLab

  View on GitHub
  Automate the creation of a lab environment complete with security tooling and logging best practices
  ☆4,946Jul 6, 2024Updated last year
• OTRF / Security-Datasets

  View on GitHub
  Re-play Security Events
  ☆1,734Mar 20, 2024Updated 2 years ago
• davehull / Kansa

  View on GitHub
  A Powershell incident response framework
  ☆1,644Nov 22, 2022Updated 3 years ago
• sans-blue-team / DeepBlueCLI

  View on GitHub
  ☆2,397Oct 14, 2023Updated 2 years ago
• trustedsec / SysmonCommunityGuide

  View on GitHub
  TrustedSec Sysinternals Sysmon Community Guide
  ☆1,394Feb 10, 2026Updated 2 months ago
• Simple, predictable pricing with DigitalOcean hosting • Ad
  Always know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
• advanced-threat-research / Yara-Rules

  View on GitHub
  Repository of YARA rules made by Trellix ATR Team
  ☆627Mar 18, 2025Updated last year
• palantir / windows-event-forwarding

  View on GitHub
  A repository for using windows event forwarding for incident detection and response
  ☆1,310Sep 8, 2025Updated 7 months ago
• JPCERTCC / LogonTracer

  View on GitHub
  Investigate malicious Windows logon by visualizing and analyzing Windows event log
  ☆3,156Oct 19, 2025Updated 6 months ago
• ITAYC0HEN / SUNBURST-Cracked

  View on GitHub
  The following repository contains a modified version of SUNBURST with cracekd hashes, comments and annotations.
  ☆56Dec 23, 2020Updated 5 years ago
• DissectMalware / XLMMacroDeobfuscator

  View on GitHub
  Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)
  ☆585May 5, 2024Updated last year
• splunk / attack_range

  View on GitHub
  A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data int…
  ☆2,476Apr 7, 2026Updated last week
• sophos / solarwinds-threathunt

  View on GitHub
  Threathunt details for the Solarwinds compromise
  ☆33Jun 26, 2021Updated 4 years ago
• mattnotmax / cyberchef-recipes

  View on GitHub
  A list of cyber-chef recipes and curated links
  ☆2,200Jun 14, 2024Updated last year
• Te-k / cobaltstrike

  View on GitHub
  Code and yara rules to detect and analyze Cobalt Strike
  ☆273May 5, 2021Updated 4 years ago
• Wordpress hosting with auto-scaling - Free Trial • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• CD-R0M / YARA

  View on GitHub
  Hundred Days of Yara Challenge
  ☆12Jun 21, 2022Updated 3 years ago
• orlikoski / CDQR

  View on GitHub
  The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…
  ☆343Jun 25, 2022Updated 3 years ago
• MichaelKoczwara / Awesome-CobaltStrike-Defence

  View on GitHub
  Defences against Cobalt Strike
  ☆1,297Jul 14, 2022Updated 3 years ago
• Neo23x0 / Loki

  View on GitHub
  Loki - Simple IOC and YARA Scanner
  ☆3,743Jan 12, 2026Updated 3 months ago
• SwiftOnSecurity / sysmon-config

  View on GitHub
  Sysmon configuration file template with default high-quality event tracing
  ☆5,468Jul 3, 2024Updated last year
• vadim-hunter / Detection-Ideas-Rules

  View on GitHub
  Detection Ideas & Rules repository.
  ☆178Sep 10, 2021Updated 4 years ago
• mandiant / commando-vm

  View on GitHub
  Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mand…
  ☆7,566Oct 16, 2025Updated 6 months ago