Alternatives and similar repositories for AttackDetection:

Users that are interested in AttackDetection are comparing it to the libraries listed below

• al0ne / suricata-rules
  Suricata IDS rules 用来检测红队渗透/恶意行为等，支持检测CobaltStrike/MSF/Empire/DNS隧道/Weevely/菜刀/冰蝎/挖矿/反弹shell/ICMP隧道等
  ☆1,169Updated last year
• RedDrip7 / APT_Digital_Weapon
  Indicators of compromise (IOCs) collected from public resources and categorized by Qi-AnXin.
  ☆917Updated 2 months ago
• nsacyber / Mitigating-Web-Shells
  Guidance for mitigation web shells. #nsacyber
  ☆972Updated last year
• nshalabi / ATTACK-Tools
  Utilities for MITRE™ ATT&CK
  ☆1,018Updated 8 months ago
• JPCERTCC / LogonTracer
  Investigate malicious Windows logon by visualizing and analyzing Windows event log
  ☆2,830Updated 8 months ago
• NextronSystems / APTSimulator
  A toolset to make a system look as if it was the victim of an APT attack
  ☆2,520Updated last year
• Qianlitp / WatchAD
  AD Security Intrusion Detection System
  ☆1,289Updated last year
• pan-unit42 / public_tools
  ☆705Updated 2 years ago
• rsmudge / Malleable-C2-Profiles
  Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable…
  ☆1,512Updated 3 years ago
• aptnotes / data
  APTnotes data
  ☆1,681Updated 2 months ago
• StamusNetworks / SELKS
  A Suricata based IDS/IPS/NSM distro
  ☆1,507Updated 6 months ago
• Neo23x0 / signature-base
  YARA signature and IOC database for my scanners and tools
  ☆2,554Updated this week
• nshalabi / SysmonTools
  Utilities for Sysmon
  ☆1,501Updated 8 months ago
• vulmon / Vulmap
  Vulmap Online Local Vulnerability Scanners Project
  ☆962Updated last year
• blackorbird / APT_REPORT
  Interesting APT Report Collection And Some Special IOC
  ☆2,498Updated this week
• bdamele / icmpsh
  Simple reverse ICMP shell
  ☆1,569Updated 6 years ago
• secureworks / dalton
  Suricata, Snort and Zeek IDS rule and pcap testing system
  ☆470Updated last month
• Neo23x0 / yarGen
  yarGen is a generator for YARA rules
  ☆1,602Updated 8 months ago
• mandiant / flare-fakenet-ng
  FakeNet-NG - Next Generation Dynamic Network Analysis Tool
  ☆1,854Updated last month
• sensepost / ruler
  A tool to abuse Exchange services
  ☆2,198Updated 8 months ago
• StamusNetworks / scirius
  Scirius is a web application for Suricata ruleset management and threat hunting.
  ☆642Updated 2 months ago
• gentilkiwi / kekeo
  A little toolbox to play with Microsoft Kerberos in C
  ☆1,453Updated 3 years ago
• honeytrap / honeytrap
  Advanced Honeypot framework.
  ☆1,240Updated last year
• praetorian-inc / purple-team-attack-automation
  Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs
  ☆720Updated 5 years ago
• endgameinc / RTA
  ☆1,062Updated 5 years ago
• yeti-platform / yeti
  Your Everyday Threat Intelligence
  ☆1,809Updated this week
• CyberMonitor / APT_CyberCriminal_Campagin_Collections
  APT & CyberCriminal Campaign Collection
  ☆3,811Updated 6 months ago
• 0xrawsec / whids
  Open Source EDR for Windows
  ☆1,182Updated last year
• pan-unit42 / iocs
  Indicators from Unit 42 Public Reports
  ☆707Updated 3 weeks ago
• EBWi11 / AgentSmith-HIDS
  By Kprobe technology Open Source Host-based Intrusion Detection System(HIDS), from E_Bwill.
  ☆593Updated 3 years ago