mandiant/sunburst_countermeasures external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

mandiant/sunburst_countermeasures

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/mandiant/sunburst_countermeasures)

Close

mandiant / sunburst_countermeasuresView on GitHubMore

• External links
• Readme badge

☆560Jun 1, 2023Updated 2 years ago

Alternatives and similar repositories for sunburst_countermeasures

Users that are interested in sunburst_countermeasures are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• mandiant / red_team_tool_countermeasures

  View on GitHub
  ☆2,667Mar 5, 2024Updated 2 years ago
• bambenek / research

  View on GitHub
  ☆100Dec 21, 2020Updated 5 years ago
• RedDrip7 / SunBurst_DGA_Decode

  View on GitHub
  SunBurst DGA Decode Script
  ☆205Jan 10, 2021Updated 5 years ago
• 2igosha / sunburst_dga

  View on GitHub
  ☆22Dec 22, 2020Updated 5 years ago
• eanmeyer / SolarwindsVulnerablityInfo

  View on GitHub
  Repository with all the Solarwinds Vulnerability information I've been tracking and using for communications, review, and technical under…
  ☆25Dec 19, 2020Updated 5 years ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• mandiant / ThreatPursuit-VM

  View on GitHub
  Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysi…
  ☆1,304Jun 1, 2023Updated 2 years ago
• mubix / solarflare

  View on GitHub
  SolarWinds Orion Account Audit / Password Dumping Utility
  ☆354Oct 9, 2023Updated 2 years ago
• sbousseaden / EVTX-ATTACK-SAMPLES

  View on GitHub
  Windows Events Attack Samples
  ☆2,531Jan 24, 2023Updated 3 years ago
• rkovar / sunburstlookups

  View on GitHub
  Quick lookup files for SUNBURST Backdoor
  ☆12Dec 15, 2020Updated 5 years ago
• sophos / SOREL-20M

  View on GitHub
  Sophos-ReversingLabs 20 million sample dataset
  ☆692Apr 7, 2021Updated 4 years ago
• chaoticmachinery / frac_rift

  View on GitHub
  FRAC and RIFT
  ☆17Mar 16, 2019Updated 7 years ago
• activecm / rita-legacy

  View on GitHub
  Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…
  ☆2,516Jan 12, 2026Updated 2 months ago
• SigmaHQ / sigma

  View on GitHub
  Main Sigma Rule Repository
  ☆10,224Mar 19, 2026Updated last week
• cisagov / Sparrow

  View on GitHub
  Sparrow.ps1 was created by CISA's Cloud Forensics team to help detect possible compromised accounts and applications in the Azure/m365 en…
  ☆1,429Dec 27, 2022Updated 3 years ago
• NordVPN Threat Protection Pro™ • Ad
  Take your cybersecurity to the next level. Block phishing, malware, trackers, and ads. Lightweight app that works with all browsers.
• mandiant / pulsesecure_exploitation_countermeasures

  View on GitHub
  ☆23Jun 1, 2023Updated 2 years ago
• reversinglabs / reversinglabs-yara-rules

  View on GitHub
  ReversingLabs YARA Rules
  ☆900Nov 3, 2025Updated 4 months ago
• Neo23x0 / signature-base

  View on GitHub
  YARA signature and IOC database for my scanners and tools
  ☆2,884Mar 9, 2026Updated 2 weeks ago
• Shadow0ps / solorigate_sample_source

  View on GitHub
  Decompile of the Solorwinds "SUNBURST" Trojan associated with Campaign UNC2452 This is the SolarWinds.Orion.Core.BusinessLayer.dll file f…
  ☆44Dec 14, 2020Updated 5 years ago
• clong / DetectionLab

  View on GitHub
  Automate the creation of a lab environment complete with security tooling and logging best practices
  ☆4,921Jul 6, 2024Updated last year
• OTRF / Security-Datasets

  View on GitHub
  Re-play Security Events
  ☆1,729Mar 20, 2024Updated 2 years ago
• davehull / Kansa

  View on GitHub
  A Powershell incident response framework
  ☆1,642Nov 22, 2022Updated 3 years ago
• sans-blue-team / DeepBlueCLI

  View on GitHub
  ☆2,392Oct 14, 2023Updated 2 years ago
• trustedsec / SysmonCommunityGuide

  View on GitHub
  TrustedSec Sysinternals Sysmon Community Guide
  ☆1,384Feb 10, 2026Updated last month
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• advanced-threat-research / Yara-Rules

  View on GitHub
  Repository of YARA rules made by Trellix ATR Team
  ☆627Mar 18, 2025Updated last year
• palantir / windows-event-forwarding

  View on GitHub
  A repository for using windows event forwarding for incident detection and response
  ☆1,302Sep 8, 2025Updated 6 months ago
• JPCERTCC / LogonTracer

  View on GitHub
  Investigate malicious Windows logon by visualizing and analyzing Windows event log
  ☆3,141Oct 19, 2025Updated 5 months ago
• ITAYC0HEN / SUNBURST-Cracked

  View on GitHub
  The following repository contains a modified version of SUNBURST with cracekd hashes, comments and annotations.
  ☆56Dec 23, 2020Updated 5 years ago
• DissectMalware / XLMMacroDeobfuscator

  View on GitHub
  Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)
  ☆585May 5, 2024Updated last year
• splunk / attack_range

  View on GitHub
  A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data int…
  ☆2,460Updated this week
• sophos / solarwinds-threathunt

  View on GitHub
  Threathunt details for the Solarwinds compromise
  ☆33Jun 26, 2021Updated 4 years ago
• mattnotmax / cyberchef-recipes

  View on GitHub
  A list of cyber-chef recipes and curated links
  ☆2,197Jun 14, 2024Updated last year
• Te-k / cobaltstrike

  View on GitHub
  Code and yara rules to detect and analyze Cobalt Strike
  ☆272May 5, 2021Updated 4 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• CD-R0M / YARA

  View on GitHub
  Hundred Days of Yara Challenge
  ☆12Jun 21, 2022Updated 3 years ago
• orlikoski / CDQR

  View on GitHub
  The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…
  ☆343Jun 25, 2022Updated 3 years ago
• MichaelKoczwara / Awesome-CobaltStrike-Defence

  View on GitHub
  Defences against Cobalt Strike
  ☆1,297Jul 14, 2022Updated 3 years ago
• Neo23x0 / Loki

  View on GitHub
  Loki - Simple IOC and YARA Scanner
  ☆3,735Jan 12, 2026Updated 2 months ago
• SwiftOnSecurity / sysmon-config

  View on GitHub
  Sysmon configuration file template with default high-quality event tracing
  ☆5,438Jul 3, 2024Updated last year
• vadim-hunter / Detection-Ideas-Rules

  View on GitHub
  Detection Ideas & Rules repository.
  ☆178Sep 10, 2021Updated 4 years ago
• mandiant / commando-vm

  View on GitHub
  Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mand…
  ☆7,546Oct 16, 2025Updated 5 months ago