Alternatives and similar repositories for bedr

Users that are interested in bedr are comparing it to the libraries listed below

• EmergingThreats / IDSDeathBlossom
  IDS Utility Belt For Automating/Testing Various Things
  ☆30Updated 4 years ago
• vector-sec / DuoPusher
  Duo MFA auditing tool to test users' likelihood of approving unexpected push notifications
  ☆13Updated 7 years ago
• gamelinux / activedns
  An active domain name query tool to help keep track of domain name movements...
  ☆15Updated 4 years ago
• rvrsh3ll / CrypoCurrencyPowerShell
  ☆30Updated 6 years ago
• zshehri / MITRE_EDR_Eval
  Parsing MITRE EDR Evaluation results
  ☆12Updated 6 years ago
• matthewdunwoody / PS_logging_reg
  A Windows REG file to enable all default PowerShell logging on a system with PowerShell v5 installed
  ☆16Updated 8 years ago
• Malicious-Entity / Get-Entity
  Scripts to query local admins quickly
  ☆9Updated 9 years ago
• JimmyAstle / Atomic-Parser
  Python parser for Red Canary's Atomic Red Team Yamls
  ☆27Updated 6 years ago
• 0utrider / malrecon
  MalRecon - Basic Malware Reconnaissance and Analysis Tool
  ☆26Updated 7 years ago
• InitRoot / shareAttack
  Automatically attack all file shares within AD network environment. Exploiting weak permissions.
  ☆17Updated 5 years ago
• FuzzySecurity / BH-Arsenal-2019
  SilkETW & SilkService
  ☆40Updated 5 years ago
• fl0x2208 / Memoirs-of-a-Threat-Hunter
  My personal experience in Threat Hunting and knowledge gained so far.
  ☆19Updated 7 years ago
• SekoiaLab / FastIR_Agent
  FastIR Agent is a Windows service to execute FastIR Collector on demand
  ☆14Updated 8 years ago
• sisoc-tokyo / mimikatz_detection
  ☆12Updated 7 years ago
• exp0se / detect_kerberos_attacks
  Detect kerberos attacks in pcap files
  ☆29Updated 9 years ago
• caschnee / misp-use-cases
  ☆14Updated 6 years ago
• audibleblink / git-ls
  List (or plunder) private repos/gists to which a token has access, including those of other users
  ☆11Updated 3 years ago
• l0ss / Chump2Trump
  Slides from my AD Privesc talk at WAHCKon 2017
  ☆16Updated 8 years ago
• DFIRnotes / rules
  Some rules, scripts of some use to us
  ☆9Updated 6 months ago
• proferosec / Threat-Intelligence
  A collection of threat intelligence data such as IOC, Yara and Snort/Suricata Rules etc.
  ☆10Updated 5 years ago
• BreakingMalwareResearch / YetiToElastic
  YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack
  ☆16Updated 4 years ago
• tedhardyMSFT / EventLogUtilities
  Set of utilities for getting information about Windows Events
  ☆15Updated 6 years ago
• IceMoonHSV / Sim
  C# User Simulation
  ☆32Updated 2 years ago
• swimlane / CLAW
  A packer utility to create and capture DFIR Image for use AWS & Azure
  ☆15Updated 5 years ago
• leoloobeek / GoGreen
  Environmental (and http) keying for scripting languages
  ☆39Updated 6 years ago
• airbus-cert / PSTrace
  Trace ScriptBlock execution for powershell v2
  ☆40Updated 5 years ago
• bro / bro-osquery
  Bro integration with osquery
  ☆15Updated 2 years ago
• 3nc0d3r / NaishoDeNusumu
  Exfiltration Framework - Exfiltration modeling tool written in Python. Naisho attempts to avoid detection from DLP, IPS/IDS egress filter…
  ☆38Updated 10 years ago
• d3vzer0 / cnc-relay
  Docker projects to retain beacon source IPs using C2 relaying infra
  ☆11Updated 6 years ago
• surbo / OVERFLOW
  Microsoft Flow Attack Framework
  ☆23Updated 5 years ago