OSSEM Modular
☆27 · Jun 29, 2020 · Updated 5 years ago
Alternatives and similar repositories for ossem_modular
Users that are interested in ossem_modular are comparing it to the libraries listed below
- OSSEM Data Dictionaries · ☆65 · Jan 22, 2025 · Updated last year
- Automatic detection engineering technical state compliance · ☆55 · Jul 7, 2024 · Updated last year
- PowerShell / C# based cross-platform forensic framework for live incident response · ☆23 · Jul 5, 2020 · Updated 5 years ago
- (no description) · ☆37 · Apr 30, 2020 · Updated 5 years ago
- (no description) · ☆15 · Dec 16, 2020 · Updated 5 years ago
- (no description) · ☆349 · Mar 19, 2021 · Updated 5 years ago
- A simple proof of concept for detecting use of Cobalt Strike's execute-assembly · ☆59 · Apr 1, 2022 · Updated 3 years ago
- Extracts Azure authentication tokens from PowerShell process minidumps. · ☆25 · May 20, 2023 · Updated 2 years ago
- EventList · ☆377 · Mar 21, 2021 · Updated 4 years ago
- Windows Security Logging · ☆43 · Jul 17, 2022 · Updated 3 years ago
- Detect possible Sysmon logging bypasses given a specific configuration · ☆111 · Dec 26, 2018 · Updated 7 years ago
- Proof of concept - Covert channel using Windows Filtering Platform (C#) · ☆21 · Aug 29, 2021 · Updated 4 years ago
- An extendable tool to extract and aggregate IoCs from threat feeds · ☆33 · Feb 6, 2024 · Updated 2 years ago
- See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf) · ☆108 · Feb 12, 2023 · Updated 3 years ago
- (no description) · ☆28 · Mar 29, 2022 · Updated 3 years ago
- Script to perform bulk local GeoIP lookups (ASN and geo) for IP addresses · ☆102 · Jan 16, 2020 · Updated 6 years ago
- A library for fast parsing and import of Windows Event Logs into Elasticsearch. · ☆86 · Jun 23, 2025 · Updated 8 months ago
- Elemental - An ATT&CK Threat Library · ☆318 · Dec 8, 2022 · Updated 3 years ago
- C# implementation of Jared Atkinson's Get-InjectedThread.ps1 · ☆54 · Jul 11, 2021 · Updated 4 years ago
- A canary which fires when uninstalled · ☆34 · Mar 16, 2021 · Updated 5 years ago
- Lateral movement graph for Azure Active Directory · ☆127 · Dec 8, 2022 · Updated 3 years ago
- This repository was created to aid in the deployment/maintenance of the Sysmon service on a large number of computers. · ☆83 · Mar 20, 2023 · Updated 3 years ago
- S2AN - Mapper of Sigma/Suricata rules/signatures ➡️ MITRE ATT&CK Navigator · ☆91 · Dec 8, 2022 · Updated 3 years ago
- (no description) · ☆265 · Oct 25, 2025 · Updated 4 months ago
- (no description) · ☆27 · Mar 2, 2022 · Updated 4 years ago
- This script runs a multithreading module that connects to a remote TCP server, monitors active (opened) Microsoft Word documents (.doc,.doc… · ☆33 · Jul 24, 2020 · Updated 5 years ago
- .NET assembly to block ETW telemetry in the current process · ☆81 · May 14, 2020 · Updated 5 years ago
- (no description) · ☆16 · May 13, 2021 · Updated 4 years ago
- (no description) · ☆20 · Aug 18, 2020 · Updated 5 years ago
- Simple tool that uses LsaManageSidNameMapping to get LSA to add or remove SID-to-name mappings. · ☆26 · Oct 25, 2020 · Updated 5 years ago
- This program exports the MITRE ATT&CK framework into an ELK dashboard · ☆80 · Dec 8, 2022 · Updated 3 years ago
- A simple Python tool based on Impacket that tests servers for various known NTLM vulnerabilities · ☆204 · Nov 8, 2020 · Updated 5 years ago
- Notepad++ syntax highlighting for languages used by cyber security professionals · ☆14 · May 31, 2020 · Updated 5 years ago
- Misc threat hunting resources · ☆377 · Jan 26, 2023 · Updated 3 years ago
- evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files. · ☆158 · Nov 30, 2021 · Updated 4 years ago
- Pushes Sysmon configs · ☆90 · Jun 11, 2021 · Updated 4 years ago
- Script that searches through all COM objects for any methods containing a keyword of your choosing. · ☆73 · Feb 28, 2020 · Updated 6 years ago
- Send and receive messages over named pipes asynchronously. · ☆39 · Sep 17, 2021 · Updated 4 years ago
- Information about the most important hunts which can be performed by threat hunters while searching for any adversary/threats inside the orga… · ☆15 · May 18, 2019 · Updated 6 years ago