Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extracting the malware's final stage configuration.
☆151Sep 21, 2024Updated last year
Alternatives and similar repositories for segugio
Users that are interested in segugio are comparing it to the libraries listed below
Sorting:
- ShellSweeping the evil.☆181Nov 25, 2024Updated last year
- VeilTransfer is a data exfiltration utility designed to test and enhance the detection capabilities. This tool simulates real-world data …☆154Dec 26, 2025Updated 2 months ago
- Tools and scripts to deploy and manage OpenRelik instances☆16Updated this week
- An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails c…☆166Oct 9, 2024Updated last year
- Repository where I hold random detection and threat hunting queries that I come up with based on different sources of information (or eve…☆277Dec 20, 2025Updated 2 months ago
- Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A. )☆224Sep 4, 2024Updated last year
- Framework for Monitoring File Ingestion Source for Yara Matches☆50Mar 10, 2025Updated 11 months ago
- Examine Chrome extensions for security issues☆95Nov 16, 2025Updated 3 months ago
- A resource containing all the tools each ransomware gangs uses☆1,330Dec 24, 2025Updated 2 months ago
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆89Feb 9, 2025Updated last year
- KQL Queries. Microsoft Defender, Microsoft Sentinel☆832Updated this week
- See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)☆108Feb 12, 2023Updated 3 years ago
- A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID☆577Dec 6, 2025Updated 2 months ago
- Quick ESXi Log Parser☆29Oct 20, 2025Updated 4 months ago
- A repository to share publicly available Velociraptor detection content☆196Updated this week
- Automatic, fast parsing of browser artifacts☆17Jan 4, 2025Updated last year
- A security analysis tool that identifies DNS queries made by browser extensions, empowering security teams to detect and investigate susp…☆186Feb 9, 2025Updated last year
- RequestShield is a 100% Free and OpenSource tool designed to analyze HTTP access.logs and identify suspicious HTTP requests and potential…☆106Dec 2, 2024Updated last year
- When good OAuth apps go rogue. Documents observed OAuth application tradecraft☆84Jan 30, 2026Updated last month
- Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.☆168Dec 7, 2025Updated 2 months ago
- Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.☆3,037Feb 24, 2026Updated last week
- Documentation and scripts to properly enable Windows event logs.☆672Oct 3, 2025Updated 5 months ago
- Rules shared by the community from 100 Days of YARA 2025☆38Jan 2, 2026Updated 2 months ago
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters …☆302Updated this week
- A multifaceted security tool which leverages Public GitHub REST APIs for OSINT, Forensics, Pentesting and more.☆173Jan 9, 2026Updated last month
- CLI tools for forensic investigation of Windows artifacts☆349Jul 21, 2025Updated 7 months ago
- ☆48Feb 14, 2026Updated 2 weeks ago
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners☆117Oct 29, 2024Updated last year
- A script to assist in processing forensic RAM captures for malware triage☆26Feb 4, 2021Updated 5 years ago
- Open source templates you can use to bootstrap your security programs☆890Dec 28, 2025Updated 2 months ago
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).☆804Jan 14, 2026Updated last month
- BeaconatorC2 is a framework for red teaming and adversarial emulation, providing a full-featured management interface, along with a catal…☆92Jan 14, 2026Updated last month
- Defender Resource Hub☆30Feb 23, 2026Updated last week
- PurpleLab is an efficient and readily deployable lab solution, providing a swift setup for cybersecurity professionals to test detection…☆725Feb 14, 2026Updated 2 weeks ago
- Configuration Extractors for Malware☆124Apr 23, 2025Updated 10 months ago
- Automated YARA Rule Standardization and Quality Assurance Tool☆288Feb 22, 2026Updated last week
- Adversary Simulation Framework☆38Aug 19, 2025Updated 6 months ago
- Modular web-application honeypot platform built using go and gin☆63May 8, 2024Updated last year
- APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the …☆1,402Nov 7, 2024Updated last year