runZeroInc / runzero-tools

Related projects ⓘ

Alternatives and complementary repositories for runzero-tools

• olafhartong / detection-sources
  ☆53Updated 5 years ago
• salesforce / bro-sysmon
  How to Zeek Sysmon Logs!
  ☆101Updated 2 years ago
• runZeroInc / recog-go
  Recog-Go: Pattern Recognition using Rapid7 Recog
  ☆103Updated last year
• mitre-attack / attack-evals
  ATT&CK Evaluations website (DEPRECATED)
  ☆59Updated 3 years ago
• JohnLaTwC / Bluehat2018GraphWorkshop
  Bluehat 2018 Graphs for Security Workshop
  ☆42Updated 6 years ago
• PaperMtn / github-watchman
  Monitoring GitHub for sensitive data shared publicly
  ☆66Updated 2 years ago
• CyberMonitor / Invoke-Adversary
  Simulating Adversary Operations
  ☆93Updated 6 years ago
• NotSoSecure / udp-hunter
  Network assessment tool for various UDP Services covering both IPv4 and IPv6 protocols
  ☆115Updated 4 years ago
• hdm / jarm-go
  A Go implementation of JARM
  ☆119Updated 2 years ago
• mitre-attack / joystick
  Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that brings forward the nuances…
  ☆64Updated last year
• NaveenRudra / RTTM
  Real Time Threat Monitoring Tool
  ☆112Updated 2 years ago
• TarlogicSecurity / Arecibo
  Endpoint for Out-of-Band Exfiltration (DNS & HTTP)
  ☆90Updated 6 years ago
• prjblk / nessus-database-export
  Script to export Nessus results to a relational database for use in reports, analysis, or whatever else.
  ☆63Updated 4 years ago
• mandiant / ioc-scanner-CVE-2019-19781
  Indicator of Compromise Scanner for CVE-2019-19781
  ☆92Updated 4 years ago
• sisoc-tokyo / Real-timeDetectionAD_ver2
  ☆82Updated 3 years ago
• ninoseki / ukemi
  A CLI tool for querying passive DNS services
  ☆41Updated 11 months ago
• jymcheong / AutoTTP
  Automated Tactics Techniques & Procedures
  ☆251Updated last year
• SecurityRiskAdvisors / TALR
  Threat Alert Logic Repository
  ☆89Updated 5 years ago
• Static-Flow / CloudCopy
  This tool implements a cloud version of the Shadow Copy attack against domain controllers running in AWS using only the EC2:CreateSnapsho…
  ☆117Updated 5 years ago
• corelight / ripple20
  A Zeek package for the passive detection of "Ripple20" vulnerabilities in the Treck TCP/IP stack.
  ☆33Updated 2 years ago
• la3ar0v / TuxResponse
  Linux Incident Response
  ☆89Updated 5 years ago
• AlienVault-OTX / OTX-Suricata
  The OTX Suricata Rule Generator can be used to create the rules and configuration for Suricata to alert on indicators from your OTX accou…
  ☆107Updated 6 months ago
• 0xAnalyst / Sysmon
  Sysmon config for both Windows and Linux Devices. Windows one is a bit dated
  ☆54Updated 4 months ago
• sensepost / notruler
  The opposite of Ruler, provides blue teams with the ability to detect Ruler usage against Exchange.
  ☆91Updated 7 years ago
• airbus-seclab / bta
  Open source Active Directory security audit framework.
  ☆133Updated 6 years ago
• marco-lancini / docker_offensive_elk
  Elasticsearch for Offensive Security
  ☆138Updated 4 years ago
• varchashva / vPrioritizer
  vPrioritizer enables us to understand the contextualized risk (vPRisk) on asset-vulnerability relationship level across the organization,…
  ☆68Updated 3 years ago
• DiabloHorn / yara4pentesters
  rules to identify files containing juicy information like usernames, passwords etc
  ☆124Updated 6 years ago
• cyberark / ketshash
  A little tool for detecting suspicious privileged NTLM connections, in particular Pass-The-Hash attack, based on event viewer logs.
  ☆168Updated last year