Alternatives and similar repositories for AttackDetection

Users that are interested in AttackDetection are comparing it to the libraries listed below

• RedDrip7 / APT_Digital_Weapon
  Indicators of compromise (IOCs) collected from public resources and categorized by Qi-AnXin.
  ☆930Updated 2 months ago
• al0ne / suricata-rules
  Suricata IDS rules 用来检测红队渗透/恶意行为等，支持检测CobaltStrike/MSF/Empire/DNS隧道/Weevely/菜刀/冰蝎/挖矿/反弹shell/ICMP隧道等
  ☆1,209Updated last year
• nsacyber / Mitigating-Web-Shells
  Guidance for mitigation web shells. #nsacyber
  ☆976Updated last year
• nshalabi / ATTACK-Tools
  Utilities for MITRE™ ATT&CK
  ☆1,030Updated last year
• NextronSystems / APTSimulator
  A toolset to make a system look as if it was the victim of an APT attack
  ☆2,601Updated last year
• rsmudge / Malleable-C2-Profiles
  Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable…
  ☆1,539Updated 4 years ago
• bdamele / icmpsh
  Simple reverse ICMP shell
  ☆1,590Updated 7 years ago
• JPCERTCC / LogonTracer
  Investigate malicious Windows logon by visualizing and analyzing Windows event log
  ☆2,897Updated 11 months ago
• Qianlitp / WatchAD
  AD Security Intrusion Detection System
  ☆1,293Updated 2 years ago
• secureworks / dalton
  Suricata, Snort and Zeek IDS rule and pcap testing system
  ☆479Updated last week
• vulmon / Vulmap
  Vulmap Online Local Vulnerability Scanners Project
  ☆967Updated 2 years ago
• pan-unit42 / public_tools
  ☆710Updated 2 years ago
• sensepost / ruler
  A tool to abuse Exchange services
  ☆2,229Updated 11 months ago
• endgameinc / RTA
  ☆1,073Updated 6 years ago
• aptnotes / data
  APTnotes data
  ☆1,711Updated 5 months ago
• StamusNetworks / scirius
  Scirius is a web application for Suricata ruleset management and threat hunting.
  ☆651Updated 2 weeks ago
• api0cradle / LOLBAS
  Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
  ☆1,606Updated 6 years ago
• 0xrawsec / whids
  Open Source EDR for Windows
  ☆1,248Updated 2 years ago
• Neo23x0 / signature-base
  YARA signature and IOC database for my scanners and tools
  ☆2,634Updated last week
• 3gstudent / Pentest-and-Development-Tips
  A collection of pentest and development tips
  ☆1,111Updated 3 years ago
• CyberMonitor / APT_CyberCriminal_Campagin_Collections
  APT & CyberCriminal Campaign Collection
  ☆3,900Updated 10 months ago
• alphasoc / flightsim
  A utility to safely generate malicious network traffic patterns and evaluate controls.
  ☆1,310Updated last year
• blackorbird / APT_REPORT
  Interesting APT Report Collection And Some Special IOCs
  ☆2,565Updated this week
• pan-unit42 / iocs
  Indicators from Unit 42 Public Reports
  ☆711Updated last week
• diogo-fernan / ir-rescue
  A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.
  ☆481Updated 4 years ago
• abatchy17 / WindowsExploits
  Windows exploits, mostly precompiled. Not being updated. Check https://github.com/SecWiki/windows-kernel-exploits instead.
  ☆1,873Updated 4 years ago
• SECFORCE / Tunna
  Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in full…
  ☆1,257Updated 2 years ago
• StamusNetworks / SELKS
  A Suricata based IDS/IPS/NSM distro
  ☆1,536Updated 9 months ago
• 0x783kb / Threat-Analysis-Handbook
  常见的攻击行为监测特征及方法，涵盖端点和流量，未包含PowerShell和Sysmon。预祝运营生活愉快！
  ☆624Updated this week
• qazbnm456 / awesome-cve-poc
  ✍️ A curated list of CVE PoCs.
  ☆3,409Updated 3 years ago