Alternatives and similar repositories for AttackDetection:

Users that are interested in AttackDetection are comparing it to the libraries listed below

• RedDrip7 / APT_Digital_Weapon
  Indicators of compromise (IOCs) collected from public resources and categorized by Qi-AnXin.
  ☆911Updated last month
• blackorbird / APT_REPORT
  Interesting APT Report Collection And Some Special IOC
  ☆2,480Updated this week
• al0ne / suricata-rules
  Suricata IDS rules 用来检测红队渗透/恶意行为等，支持检测CobaltStrike/MSF/Empire/DNS隧道/Weevely/菜刀/冰蝎/挖矿/反弹shell/ICMP隧道等
  ☆1,160Updated last year
• secureworks / dalton
  Suricata, Snort and Zeek IDS rule and pcap testing system
  ☆464Updated last week
• NextronSystems / APTSimulator
  A toolset to make a system look as if it was the victim of an APT attack
  ☆2,497Updated last year
• nshalabi / ATTACK-Tools
  Utilities for MITRE™ ATT&CK
  ☆1,013Updated 7 months ago
• JPCERTCC / LogonTracer
  Investigate malicious Windows logon by visualizing and analyzing Windows event log
  ☆2,800Updated 6 months ago
• Qianlitp / WatchAD
  AD Security Intrusion Detection System
  ☆1,287Updated last year
• nsacyber / Mitigating-Web-Shells
  Guidance for mitigation web shells. #nsacyber
  ☆970Updated last year
• StamusNetworks / SELKS
  A Suricata based IDS/IPS/NSM distro
  ☆1,502Updated 5 months ago
• pan-unit42 / public_tools
  ☆706Updated 2 years ago
• Neo23x0 / signature-base
  YARA signature and IOC database for my scanners and tools
  ☆2,525Updated last month
• vulmon / Vulmap
  Vulmap Online Local Vulnerability Scanners Project
  ☆959Updated last year
• endgameinc / RTA
  ☆1,057Updated 5 years ago
• outflanknl / RedELK
  Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term o…
  ☆2,405Updated 4 months ago
• 0xrawsec / whids
  Open Source EDR for Windows
  ☆1,168Updated last year
• rsmudge / Malleable-C2-Profiles
  Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable…
  ☆1,506Updated 3 years ago
• nshalabi / SysmonTools
  Utilities for Sysmon
  ☆1,496Updated 7 months ago
• aptnotes / data
  APTnotes data
  ☆1,672Updated last month
• StamusNetworks / scirius
  Scirius is a web application for Suricata ruleset management and threat hunting.
  ☆638Updated last month
• mitre / cti
  Cyber Threat Intelligence Repository expressed in STIX 2.0
  ☆1,777Updated 2 months ago
• api0cradle / LOLBAS
  Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
  ☆1,591Updated 6 years ago
• Neo23x0 / yarGen
  yarGen is a generator for YARA rules
  ☆1,586Updated 7 months ago
• activecm / rita-legacy
  Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…
  ☆2,507Updated 6 months ago
• mitre-attack / attack-navigator
  Web app that provides basic navigation and annotation of ATT&CK matrices
  ☆2,040Updated this week
• mandiant / flare-fakenet-ng
  FakeNet-NG - Next Generation Dynamic Network Analysis Tool
  ☆1,834Updated last month
• sensepost / ruler
  A tool to abuse Exchange services
  ☆2,186Updated 7 months ago
• ThreatHuntingProject / ThreatHunting
  An informational repo about hunting for adversaries in your IT environment.
  ☆1,734Updated 3 years ago
• ahmedkhlief / APT-Hunter
  APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the …
  ☆1,277Updated 2 months ago
• MichaelKoczwara / Awesome-CobaltStrike-Defence
  Defences against Cobalt Strike
  ☆1,282Updated 2 years ago