Alternatives and similar repositories for siemcraft

Users that are interested in siemcraft are comparing it to the libraries listed below

• cado-security / varc
  Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of par…
  ☆256Updated last year
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆66Updated 3 years ago
• cado-security / rip_raw
  Rip Raw is a small tool to analyse the memory of compromised Linux systems.
  ☆133Updated 3 years ago
• adobe / libLOL
  ☆50Updated 4 months ago
• mttaggart / wtfbins
  WTF are these binaries doing?! A list of benign applications that mimic malicious behavior.
  ☆166Updated 8 months ago
• Sh3lldor / PVT
  PCAP visualization tool
  ☆104Updated 2 years ago
• Neo23x0 / god-mode-rules
  God Mode Detection Rules
  ☆134Updated last year
• swimlane / atomic-operator
  A Python package is used to execute Atomic Red Team tests (Atomics) across multiple operating system environments.
  ☆137Updated last year
• CrowdStrike / SuperMem
  A python script developed to process Windows memory images based on triage type.
  ☆265Updated 2 years ago
• fireeye / CVE-2021-44228
  OpenIOC rules to facilitate hunting for indicators of compromise
  ☆37Updated 3 years ago
• hashlookup / hashlookup-forensic-analyser
  Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https…
  ☆126Updated 2 years ago
• PayloadSecurity / Sandbox_Scryer
  ☆226Updated 3 years ago
• JPCERTCC / MemoryForensic-on-Cloud
  Memory Forensic System on Cloud
  ☆92Updated last year
• Defenders-Guide / TheDefendersGuide
  The Github project for The Defender's Guide by Luke Paine and Jonathan Johnson
  ☆159Updated 2 years ago
• Nirusu / how-to-setup-a-honeypot
  How to setup a honeypot with an IDS, ELK and TLS traffic inspection
  ☆164Updated 3 years ago
• mandiant / thiri-notebook
  The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…
  ☆154Updated 3 years ago
• palantir / phishcatch
  A browser extension and API server for detecting corporate password use on external websites
  ☆94Updated 3 months ago
• BinaryDefense / log4j-honeypot-flask
  Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228
  ☆151Updated 3 years ago
• blacklotuslabs / IOCs
  IOCs published by Black Lotus Labs
  ☆124Updated last month
• jklepsercyber / defender-detectionhistory-parser
  A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables.
  ☆114Updated 3 years ago
• calebstewart / python-sigma
  Python API for interacting with sigma rules.
  ☆54Updated 3 years ago
• olafhartong / MDE-AuditCheck
  MDE relies on some of the Audit settings to be enabled
  ☆100Updated 3 years ago
• TactiKoolSec / OTHF
  Open Threat Hunting Framework
  ☆120Updated 2 years ago
• splunk / salo
  Synthetic Adversarial Log Objects: A Framework for synthentic log generation
  ☆85Updated last year
• nccgroup / KilledProcessCanary
  A canary designed to minimize the impact from certain Ransomware actors
  ☆100Updated 4 years ago
• M00NLIG7 / ChopChopGo
  Rapidly Search and Hunt through Linux Forensics Artifacts
  ☆200Updated last year
• Neo23x0 / LOLSecIssues
  Cybersecurity's lighter side: a collection of the most amusing misunderstandings and missteps from newcomers to offensive security tools.…
  ☆57Updated 2 years ago
• AbdulRhmanAlfaifi / Fennec
  Artifact collection tool for *nix systems
  ☆213Updated last year
• blueteam0ps / memOptix
  A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.
  ☆97Updated 2 years ago
• mrcbax / honeyup
  An uploader honeypot designed to look like poor website security.
  ☆28Updated 7 months ago