Alternatives and similar repositories for AttackDetection

Users that are interested in AttackDetection are comparing it to the libraries listed below

• RedDrip7 / APT_Digital_Weapon
  Indicators of compromise (IOCs) collected from public resources and categorized by Qi-AnXin.
  ☆950Updated last month
• nsacyber / Mitigating-Web-Shells
  Guidance for mitigation web shells. #nsacyber
  ☆981Updated 2 years ago
• al0ne / suricata-rules
  Suricata IDS rules 用来检测红队渗透/恶意行为等，支持检测CobaltStrike/MSF/Empire/DNS隧道/Weevely/菜刀/冰蝎/挖矿/反弹shell/ICMP隧道等
  ☆1,238Updated 2 years ago
• secureworks / dalton
  Suricata, Snort and Zeek IDS rule and pcap testing system
  ☆498Updated 2 weeks ago
• Qianlitp / WatchAD
  AD Security Intrusion Detection System
  ☆1,314Updated 2 years ago
• nshalabi / ATTACK-Tools
  Utilities for MITRE™ ATT&CK
  ☆1,040Updated 2 weeks ago
• pan-unit42 / public_tools
  ☆714Updated 2 years ago
• vulmon / Vulmap
  Vulmap Online Local Vulnerability Scanners Project
  ☆970Updated 2 years ago
• StamusNetworks / scirius
  Scirius is a web application for Suricata ruleset management and threat hunting.
  ☆667Updated 3 weeks ago
• blackorbird / APT_REPORT
  Interesting APT Report Collection And Some Special IOCs
  ☆2,682Updated this week
• DinoTools / dionaea
  Home of the dionaea honeypot
  ☆775Updated last year
• EBWi11 / AgentSmith-HIDS
  By Kprobe technology Open Source Host-based Intrusion Detection System(HIDS), from E_Bwill.
  ☆604Updated 4 years ago
• JPCERTCC / LogonTracer
  Investigate malicious Windows logon by visualizing and analyzing Windows event log
  ☆2,999Updated last month
• baderj / domain_generation_algorithms
  Some results of my DGA reversing efforts
  ☆676Updated last week
• OISF / suricata-update
  The tool for updating your Suricata rules.
  ☆280Updated this week
• nshalabi / SysmonTools
  Utilities for Sysmon
  ☆1,550Updated 2 weeks ago
• aptnotes / data
  APTnotes data
  ☆1,750Updated 9 months ago
• bfuzzy / auditd-attack
  A Linux Auditd rule set mapped to MITRE's Attack Framework
  ☆811Updated 5 years ago
• bro / bro
  Mirror of https://github.com/zeek/zeek
  ☆176Updated 2 years ago
• pandazheng / Threat-Intelligence-Analyst
  威胁情报，恶意样本分析，开源Malware代码收集
  ☆346Updated 5 years ago
• StamusNetworks / Clear-NDR-ISO
  A Suricata based NDR distribution
  ☆1,569Updated 3 weeks ago
• 3gstudent / Pentest-and-Development-Tips
  A collection of pentest and development tips
  ☆1,122Updated 3 years ago
• rsmudge / Malleable-C2-Profiles
  Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable…
  ☆1,570Updated 4 years ago
• 0xrawsec / whids
  Open Source EDR for Windows
  ☆1,275Updated 2 years ago
• CiscoCXSecurity / NeoPI
  ☆483Updated 3 years ago
• pan-unit42 / iocs
  Indicators from Unit 42 Public Reports
  ☆724Updated last month
• Neo23x0 / signature-base
  YARA signature and IOC database for my scanners and tools
  ☆2,749Updated last week
• CyberMonitor / APT_CyberCriminal_Campagin_Collections
  APT & CyberCriminal Campaign Collection
  ☆3,983Updated last year
• diogo-fernan / ir-rescue
  A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.
  ☆485Updated 4 years ago
• 0x783kb / Threat-Analysis-Handbook
  常见的攻击行为监测特征及方法，涵盖端点和流量，未包含PowerShell和Sysmon。预祝运营生活愉快！
  ☆640Updated 3 months ago