mitre / adversaryLinks
A CALDERA plugin
☆18Updated 5 years ago
Alternatives and similar repositories for adversary
Users that are interested in adversary are comparing it to the libraries listed below
Sorting:
- Parsing MITRE EDR Evaluation results☆12Updated 6 years ago
- A CALDERA plugin for ATT&CK Evaluations Round 1☆33Updated 2 years ago
- SilkETW & SilkService☆40Updated 6 years ago
- Powershell / C# based cross platform forensic framework based for live incident response☆23Updated 5 years ago
- OSSEM Modular☆27Updated 5 years ago
- Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that brings forward the nuances…☆64Updated 2 years ago
- ☆46Updated 2 years ago
- PSAttck is a light-weight framework for the MITRE ATT&CK Framework.☆38Updated 3 years ago
- PurpleSpray is an adversary simulation tool that executes password spray behavior under different scenarios and conditions with the purpo…☆51Updated 6 years ago
- ☆20Updated 7 years ago
- Detect possible sysmon logging bypasses given a specific configuration☆111Updated 6 years ago
- Compilation of resources to help with Adversary Simulation automation harness☆100Updated 5 years ago
- Generate YARA rules for OOXML documents.☆38Updated 2 years ago
- Collection of YARA signatures from individual research☆44Updated last year
- A list of IOCs applicable to PoshC2☆24Updated 5 years ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- PowerShell script for hunting webshells on Microsoft Exchange Servers.☆56Updated 8 years ago
- Presentation materials for talks I've given.☆20Updated 5 years ago
- ConventionEngine - A Yara Rulepack for PDB Path Hunting☆38Updated 2 years ago
- Random hunting ordiented yara rules☆97Updated 2 years ago
- Repository for my ATT&CK analysis research.☆69Updated 6 years ago
- This is a repository that is meant to hold detections for various process injection techniques.☆34Updated 5 years ago
- Docker Container to deploy Mitre Caldera Automated Adversary Emulation System☆26Updated 5 years ago
- A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo☆30Updated 5 years ago
- A script to assist in processing forensic RAM captures for malware triage☆27Updated 4 years ago
- Mitre Att&ck Technique Emulation☆82Updated 6 years ago
- A tool to help malware analysts signature unique parts of RTF documents☆29Updated 8 months ago
- Sandbox feature upgrade with the help of wrapped samples☆76Updated 7 years ago
- C# User Simulation☆33Updated 2 years ago
- A simple utility to generate real File and Active Directory activity in lab environments for the purposes of monitoring changes and detec…☆11Updated 6 years ago