Alternatives and similar repositories for phishcatch

Users that are interested in phishcatch are comparing it to the libraries listed below

• LaresLLC / SysmonConfigPusher
  Pushes Sysmon Configs
  ☆88Updated 3 years ago
• swisscom / Invoke-Forensics
  Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.
  ☆114Updated last year
• olafhartong / Presentations
  My conference presentations
  ☆66Updated last year
• OTRF / Set-AuditRule
  Useful access control entries (ACE) on system access control list (SACL) of securable objects to find potential adversarial activity
  ☆90Updated 3 years ago
• iknowjason / BlueCloud
  Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.
  ☆134Updated 2 years ago
• jsecurity101 / Marvel-Lab
  A collection of Powershell scripts that will help automate the build process for a Marvel domain.
  ☆145Updated last year
• LivingInSyn / RMML
  A list of RMMs designed to be used in automation to build alerts
  ☆110Updated last month
• secprentice / PowerShellWatchlist
  List of PowerShell commands and commandlets that should be in your Powershel watchlist
  ☆37Updated 3 years ago
• mandiant / thiri-notebook
  The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…
  ☆155Updated 3 years ago
• OTRF / SimuLand
  Cloud Templates and scripts to deploy mordor environments
  ☆129Updated 4 years ago
• ssnkhan / adversarial-threat-modelling
  Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop
  ☆68Updated last week
• vadim-hunter / Detection-Ideas-Rules
  Detection Ideas & Rules repository.
  ☆179Updated 3 years ago
• olafhartong / MDE-AuditCheck
  MDE relies on some of the Audit settings to be enabled
  ☆97Updated 2 years ago
• nov3mb3r / trident
  A PowerShell incident response script for quick triage
  ☆80Updated 2 years ago
• hackjalstead / IRCP
  A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments
  ☆65Updated 3 years ago
• nidem / forgedpillow
  A tool to modify timestamps in a packet capture to a user selected date
  ☆31Updated 3 years ago
• bengoerz / PurpleTeamDocs
  ☆29Updated 4 years ago
• splunk / attack-detections-collector
  Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique
  ☆67Updated last year
• Neo23x0 / panopticon
  A YARA Rule Performance Measurement Tool
  ☆59Updated last year
• microsoft / Azure-Threat-Research-Matrix
  ☆74Updated 11 months ago
• MHaggis / notes
  Full of public notes and Utilities
  ☆98Updated 3 months ago
• sfakiana / SANS-CTI-Summit-2021
  Resources for SANS CTI Summit 2021 presentation
  ☆102Updated last year
• jwillyamz / ezEmu
  See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)
  ☆105Updated 2 years ago
• Silv3rHorn / BulkStrike
  BulkStrike enables the usage of CrowdStrike Real Time Response (RTR) to bulk execute commands on multiple machines.
  ☆42Updated 2 years ago
• mrrothe / py365
  A set of Python scripts for finding threats in Office365
  ☆50Updated 2 years ago
• mattifestation / WDACPolicies
  A collection of Windows software baseline notes with corresponding Windows Defender Application Control (WDAC) policies
  ☆62Updated last year
• fireeye / CVE-2021-44228
  OpenIOC rules to facilitate hunting for indicators of compromise
  ☆37Updated 3 years ago
• Defenders-Guide / TheDefendersGuide
  The Github project for The Defender's Guide by Luke Paine and Jonathan Johnson
  ☆152Updated last year
• CrowdStrike / xwf-yara-scanner
  ☆87Updated last year
• DefensiveOrigins / DO-LAB
  ☆47Updated last month