redcanaryco / chain-reactorLinks
Chain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.
☆319Updated 5 months ago
Alternatives and similar repositories for chain-reactor
Users that are interested in chain-reactor are comparing it to the libraries listed below
Sorting:
- Threat Hunting & Incident Investigation with Osquery☆215Updated 3 years ago
- Cisco Orbital - Osquery queries by Talos☆134Updated last year
- Automatically create YARA rules from malicious documents.☆212Updated 3 years ago
- Yet Another Yara Automaton - Automatically curate open source yara rules and run scans☆291Updated last year
- Public Repo for Atomic Test Harness☆275Updated 5 months ago
- A list of my personal projects☆177Updated 3 years ago
- A cross-platform baselining, threat hunting, and attack surface analysis tool for security teams.☆231Updated 5 months ago
- ☆175Updated last year
- Beacon Kibana Executable Report. Aggregates Sysmon Network Events With Elasticsearch and Kibana☆298Updated 11 months ago
- Detecting ATT&CK techniques & tactics for Linux☆258Updated 4 years ago
- Threat Hunting tool about Sysmon and graphs☆334Updated 2 years ago
- This script is made to collect the most valiable artifacts for foreniscs or incident reponse investigation rather than imaging the whole …☆204Updated 4 years ago
- Misc Threat Hunting Resources☆374Updated 2 years ago
- Detection Ideas & Rules repository.☆179Updated 4 years ago
- Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of par…☆256Updated 10 months ago
- Purple Teaming Attack & Hunt Lab - Terraform☆160Updated 3 years ago
- 🧭 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system☆292Updated 4 months ago
- Sigma rules from Joe Security☆219Updated 10 months ago
- 🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.☆263Updated 2 years ago
- an excel-centric approach for the MITRE ATT&CK® Tactics and Techniques☆188Updated 3 years ago
- The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…☆155Updated 3 years ago
- Atomic Purple Team Framework and Lifecycle☆298Updated 4 years ago
- Collection of created MindMaps☆151Updated last year
- Blueteam operational triage registry hunting/forensic tool.☆149Updated 2 weeks ago
- Pandora is an analysis framework to discover if a file is suspicious and conveniently show the results☆269Updated this week
- A python script developed to process Windows memory images based on triage type.☆265Updated last year
- ☆130Updated last year
- A Python package to interact with the Mitre ATT&CK Framework☆477Updated last year
- Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques☆136Updated last year
- DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.☆572Updated 3 years ago