ptresearch / AttackDetectionLinks
Attack Detection
☆1,359Updated 2 years ago
Alternatives and similar repositories for AttackDetection
Users that are interested in AttackDetection are comparing it to the libraries listed below
Sorting:
- Suricata IDS rules 用来检测红队渗透/恶意行为等,支持检测CobaltStrike/MSF/Empire/DNS隧道/Weevely/菜刀/冰蝎/挖矿/反弹shell/ICMP隧道等☆1,211Updated last year
- Indicators of compromise (IOCs) collected from public resources and categorized by Qi-AnXin.☆934Updated 2 months ago
- AD Security Intrusion Detection System☆1,299Updated 2 years ago
- Suricata, Snort and Zeek IDS rule and pcap testing system☆480Updated last month
- Guidance for mitigation web shells. #nsacyber☆976Updated 2 years ago
- Vulmap Online Local Vulnerability Scanners Project☆967Updated 2 years ago
- Utilities for MITRE™ ATT&CK☆1,032Updated last year
- Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable…☆1,542Updated 4 years ago
- Investigate malicious Windows logon by visualizing and analyzing Windows event log☆2,906Updated last year
- Simple reverse ICMP shell☆1,594Updated 7 years ago
- Interesting APT Report Collection And Some Special IOCs☆2,583Updated last week
- A tool to abuse Exchange services☆2,244Updated last year
- Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)☆1,607Updated 6 years ago
- A toolset to make a system look as if it was the victim of an APT attack☆2,610Updated 2 years ago
- A utility to safely generate malicious network traffic patterns and evaluate controls.☆1,312Updated last year
- YARA signature and IOC database for my scanners and tools☆2,657Updated last month
- yarGen is a generator for YARA rules☆1,654Updated 2 months ago
- Scirius is a web application for Suricata ruleset management and threat hunting.☆654Updated this week
- Indicators from Unit 42 Public Reports☆715Updated last month
- A collection of pentest and development tips☆1,114Updated 3 years ago
- ☆710Updated 2 years ago
- Proof of Concepts☆1,261Updated 7 months ago
- Open Source EDR for Windows☆1,251Updated 2 years ago
- Information released publicly by NCC Group's Cyber Incident Response Team☆476Updated 3 years ago
- Vulnerability Labs for security analysis☆1,173Updated 4 years ago
- An information security preparedness tool to do adversarial simulation.☆1,124Updated 6 years ago
- ☆1,074Updated 6 years ago
- Proof of concept for CVE-2019-0708☆1,183Updated 3 years ago
- 常见的攻击行为监测特征及方法,涵盖端点和流量,未包含PowerShell和Sysmon。预祝运营生活愉快!☆627Updated this week
- Various public documents, whitepapers and articles about APT campaigns☆3,585Updated last year