Alternatives and similar repositories for KilledProcessCanary:

Users that are interested in KilledProcessCanary are comparing it to the libraries listed below

• DidierStevens / etl2pcapng
  Utility that converts an .etl file containing a Windows network packet capture into .pcapng format.
  ☆46Updated 5 years ago
• nasbench / C2-Matrix-Indicators
  This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix
  ☆72Updated 3 years ago
• XMCyber / MacHound
  ☆99Updated 4 years ago
• Neo23x0 / xorex
  XOR Key Extractor
  ☆50Updated 6 months ago
• darkoperator / vscode-sysmon
  Visual Studio Code Microsoft Sysinternal Sysmon configuration file extension.
  ☆51Updated last year
• dmaasland / mcafee-config-decrypt
  ☆60Updated 4 years ago
• mkorman90 / sysmon-config-bypass-finder
  Detect possible sysmon logging bypasses given a specific configuration
  ☆107Updated 6 years ago
• BinaryDefense / YaraMemoryScanner
  Simple PowerShell script to enable process scanning with Yara.
  ☆91Updated 2 years ago
• IceMoonHSV / Sim
  C# User Simulation
  ☆32Updated 2 years ago
• olafhartong / Presentations
  My conference presentations
  ☆66Updated last year
• nmantani / PS-TrustedDocuments
  PS-TrustedDocuments: PowerShell script to handle information on trusted documents for Microsoft Office
  ☆34Updated last year
• OTRF / API-To-Event
  A repo to document API functions mapped to security events across diverse platforms
  ☆75Updated 5 years ago
• slaughterjames / excelpeek
  ☆38Updated 3 years ago
• swimlane / PSAttck
  PSAttck is a light-weight framework for the MITRE ATT&CK Framework.
  ☆38Updated 3 years ago
• fox-it / skrapa
  A zero dependency and customizable Python library for scanning Windows and Linux process memory.
  ☆65Updated last year
• BinaryDefense / beacon-fronting
  A simple command line program to help defender test their detections for network beacon patterns and domain fronting
  ☆69Updated 3 years ago
• NVISOsecurity / nviso-cti
  ☆41Updated 10 months ago
• SadProcessor / WatchDog
  BloodHound Data Scanner
  ☆44Updated 4 years ago
• LaresLLC / SysmonConfigPusher
  Pushes Sysmon Configs
  ☆89Updated 3 years ago
• nettitude / PoshC2_IOCs
  A list of IOCs applicable to PoshC2
  ☆24Updated 4 years ago
• DissectMalware / OfficeForensicTools
  A set of tools for collecting forensic information
  ☆26Updated 4 years ago
• rgeoghan / app-password-persistence
  Using Microsoft 365 App Passwords for persistence
  ☆23Updated 4 years ago
• cudeso / CSIRT-Jump-Bag
  CSIRT Jump Bag
  ☆27Updated 9 months ago
• secureworks / whiskeysamlandfriends
  GoldenSAML Attack Libraries and Framework
  ☆67Updated 8 months ago
• dsnezhkov / racketeer
  ☆69Updated 3 years ago
• Silv3rHorn / evtx2json
  evtx2json extracts events of interest from event logs, dedups them, and exports them to json.
  ☆41Updated 3 years ago
• Immersive-Labs-Sec / msrc-api
  A collection of tools to interact with Microsoft Security Response Center API
  ☆95Updated last year
• vletoux / TestAntivirus
  Test if an antivirus is installed via the resolution of the service virtual SID
  ☆55Updated 5 years ago
• packetsifter / packetsifterTool
  PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac…
  ☆95Updated 3 years ago
• airbus-cert / ntTraceControl
  Powershell Event Tracing Toolbox
  ☆73Updated 2 years ago