redcanaryco / chain-reactorLinks
Chain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.
☆314Updated last month
Alternatives and similar repositories for chain-reactor
Users that are interested in chain-reactor are comparing it to the libraries listed below
Sorting:
- Misc Threat Hunting Resources☆373Updated 2 years ago
- Public Repo for Atomic Test Harness☆272Updated last month
- Threat Hunting & Incident Investigation with Osquery☆208Updated 3 years ago
- Detecting ATT&CK techniques & tactics for Linux☆258Updated 4 years ago
- A list of my personal projects☆177Updated 2 years ago
- Threat Hunting tool about Sysmon and graphs☆333Updated 2 years ago
- A cross-platform baselining, threat hunting, and attack surface analysis tool for security teams.☆216Updated 2 months ago
- This script is made to collect the most valiable artifacts for foreniscs or incident reponse investigation rather than imaging the whole …☆202Updated 4 years ago
- Detection Ideas & Rules repository.☆179Updated 3 years ago
- SIEGMA - Transform Sigma rules into SIEM consumables☆151Updated 2 months ago
- Atomic Purple Team Framework and Lifecycle☆294Updated 4 years ago
- Automatically create YARA rules from malicious documents.☆211Updated 3 years ago
- A python script developed to process Windows memory images based on triage type.☆262Updated last year
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆202Updated 2 years ago
- Tool Analysis Result Sheet☆354Updated 7 years ago
- DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.☆562Updated 3 years ago
- an excel-centric approach for the MITRE ATT&CK® Tactics and Techniques☆185Updated 3 years ago
- A knowledge base of actionable Incident Response techniques☆637Updated 3 years ago
- A Python package to interact with the Mitre ATT&CK Framework☆476Updated last year
- DFIRTrack - The Incident Response Tracking Application☆498Updated 9 months ago
- Beacon Kibana Executable Report. Aggregates Sysmon Network Events With Elasticsearch and Kibana☆296Updated 8 months ago
- Splunk code (SPL) for serious threat hunters and detection engineers.☆276Updated last year
- CASCADE Server☆270Updated 2 years ago
- 🧭 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system☆288Updated 3 weeks ago
- ☆173Updated 11 months ago
- OSSEM Detection Model☆176Updated 2 years ago
- A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework☆352Updated 4 years ago
- Collection of Event ID ressources useful for Digital Forensics and Incident Response☆615Updated 11 months ago
- A collection of red team and adversary emulation resources developed and released by MITRE.☆512Updated 4 years ago
- Sigma rules from Joe Security☆215Updated 7 months ago