mlgualtieri / PurpleTeamSummit
☆26Updated 3 years ago
Alternatives and similar repositories for PurpleTeamSummit:
Users that are interested in PurpleTeamSummit are comparing it to the libraries listed below
- Placeholder for my detection repo and misc detection engineering content☆43Updated last year
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆72Updated 3 years ago
- A simple command line program to help defender test their detections for network beacon patterns and domain fronting☆69Updated 3 years ago
- A list of IOCs applicable to PoshC2☆24Updated 4 years ago
- ☆41Updated 11 months ago
- Create a cool process tree like https://twitter.com/ACEResponder.☆35Updated 2 years ago
- Simple PowerShell script to enable process scanning with Yara.☆92Updated 2 years ago
- ShellSweeping the evil.☆52Updated 9 months ago
- See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)☆102Updated 2 years ago
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.☆21Updated 2 years ago
- ☆28Updated 4 years ago
- ☆38Updated 3 years ago
- BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review.☆32Updated 5 years ago
- Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.☆18Updated last year
- TA505+ Adversary Simulation☆65Updated 4 years ago
- Triaging Windows event logs based on SANS Poster☆39Updated 2 years ago
- ☆44Updated last year
- This is a repo for fetching Applocker event log by parsing the win-event log☆30Updated 2 years ago
- ☆34Updated 2 years ago
- Random tips and tricks RE: ransomware☆14Updated 3 years ago
- Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop☆67Updated last month
- Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…☆15Updated 4 years ago
- ESXi Cyber Security Incident Response Script☆23Updated 6 months ago
- Get intelligence info (tags, mitre techniques, yara and more) and find similar malware in a fast and easy way☆17Updated 2 years ago
- Splunk Technology-AddOn for Aurora Sigma-Based EDR Agent. It helps parse and configure the necessary inputs to neatly consume Aurora EDR …☆13Updated 2 years ago
- A repository of Sysmon For Linux configuration modules☆15Updated 3 years ago
- ☆47Updated 5 years ago
- C# User Simulation☆32Updated 2 years ago
- Library of threat hunts to get any user started!☆42Updated 4 years ago
- Bloodhound Portable for Windows☆51Updated last year