mandiant / sunburst_countermeasuresView external linksLinks
☆562Jun 1, 2023Updated 2 years ago
Alternatives and similar repositories for sunburst_countermeasures
Users that are interested in sunburst_countermeasures are comparing it to the libraries listed below
Sorting:
- ☆2,663Mar 5, 2024Updated last year
- ☆100Dec 21, 2020Updated 5 years ago
- SunBurst DGA Decode Script☆205Jan 10, 2021Updated 5 years ago
- ☆22Dec 22, 2020Updated 5 years ago
- SolarWinds Orion Account Audit / Password Dumping Utility☆354Oct 9, 2023Updated 2 years ago
- Windows Events Attack Samples☆2,502Jan 24, 2023Updated 3 years ago
- Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysi…☆1,301Jun 1, 2023Updated 2 years ago
- Re-play Security Events☆1,723Mar 20, 2024Updated last year
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…☆2,514Jan 12, 2026Updated last month
- Sparrow.ps1 was created by CISA's Cloud Forensics team to help detect possible compromised accounts and applications in the Azure/m365 en…☆1,432Dec 27, 2022Updated 3 years ago
- Quick lookup files for SUNBURST Backdoor☆12Dec 15, 2020Updated 5 years ago
- Repository with all the Solarwinds Vulnerability information I've been tracking and using for communications, review, and technical under…☆25Dec 19, 2020Updated 5 years ago
- A repository for using windows event forwarding for incident detection and response☆1,296Sep 8, 2025Updated 5 months ago
- ReversingLabs YARA Rules☆895Nov 3, 2025Updated 3 months ago
- Main Sigma Rule Repository☆10,109Updated this week
- Automate the creation of a lab environment complete with security tooling and logging best practices☆4,901Jul 6, 2024Updated last year
- YARA signature and IOC database for my scanners and tools☆2,864Feb 5, 2026Updated last week
- TrustedSec Sysinternals Sysmon Community Guide☆1,363Dec 15, 2025Updated last month
- A Powershell incident response framework☆1,637Nov 22, 2022Updated 3 years ago
- Defences against Cobalt Strike☆1,293Jul 14, 2022Updated 3 years ago
- The following repository contains a modified version of SUNBURST with cracekd hashes, comments and annotations.☆56Dec 23, 2020Updated 5 years ago
- Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)☆587May 5, 2024Updated last year
- ☆2,383Oct 14, 2023Updated 2 years ago
- ☆452Aug 4, 2021Updated 4 years ago
- Detection Ideas & Rules repository.☆178Sep 10, 2021Updated 4 years ago
- Investigate malicious Windows logon by visualizing and analyzing Windows event log☆3,049Oct 19, 2025Updated 3 months ago
- A list of cyber-chef recipes and curated links☆2,183Jun 14, 2024Updated last year
- A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data int…☆2,433Feb 7, 2026Updated last week
- ☆23Jun 1, 2023Updated 2 years ago
- Loki - Simple IOC and YARA Scanner☆3,715Jan 12, 2026Updated last month
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…☆345Jun 25, 2022Updated 3 years ago
- FRAC and RIFT☆17Mar 16, 2019Updated 6 years ago
- Sample queries for Advanced hunting in Microsoft 365 Defender☆2,048Feb 17, 2022Updated 3 years ago
- Repository of YARA rules made by Trellix ATR Team☆625Mar 18, 2025Updated 10 months ago
- ☆648Jun 6, 2023Updated 2 years ago
- CyLR - Live Response Collection Tool☆708Jun 1, 2022Updated 3 years ago
- Detect Tactics, Techniques & Combat Threats☆2,263Jan 21, 2026Updated 3 weeks ago
- Code and yara rules to detect and analyze Cobalt Strike☆273May 5, 2021Updated 4 years ago
- Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux☆504Oct 21, 2022Updated 3 years ago