OSSEM Modular
☆27, Jun 29, 2020, updated 5 years ago
Alternatives and similar repositories for ossem_modular
Users that are interested in ossem_modular are comparing it to the libraries listed below
- Automatic detection engineering technical state compliance (☆55, Jul 7, 2024, updated last year)
- [no description] (☆37, Apr 30, 2020, updated 5 years ago)
- Powershell / C# based cross platform forensic framework based for live incident response (☆23, Jul 5, 2020, updated 5 years ago)
- Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte… (☆15, Jul 23, 2020, updated 5 years ago)
- Proof of concept - Covert Channel using Windows Filtering Platform (C#) (☆21, Aug 29, 2021, updated 4 years ago)
- OSSEM Data Dictionaries (☆65, Jan 22, 2025, updated last year)
- See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf) (☆108, Feb 12, 2023, updated 3 years ago)
- [no description] (☆15, Dec 16, 2020, updated 5 years ago)
- [no description] (☆349, Mar 19, 2021, updated 4 years ago)
- Detect possible sysmon logging bypasses given a specific configuration (☆111, Dec 26, 2018, updated 7 years ago)
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator (☆91, Dec 8, 2022, updated 3 years ago)
- [no description] (☆28, Mar 29, 2022, updated 3 years ago)
- Extracts Azure authentication tokens from PowerShell process minidumps. (☆25, May 20, 2023, updated 2 years ago)
- EventList (☆377, Mar 21, 2021, updated 4 years ago)
- Windows Security Logging (☆43, Jul 17, 2022, updated 3 years ago)
- A simple proof of concept for detecting use of Cobalt Strike's execute-assembly (☆59, Apr 1, 2022, updated 3 years ago)
- This script runs multithreading module that connects to a remote TCP server, monitors active (opened) Microsoft Word documents (.doc,.doc… (☆33, Jul 24, 2020, updated 5 years ago)
- .Net Assembly to block ETW telemetry in current process (☆81, May 14, 2020, updated 5 years ago)
- Kerberoast Detection Script (☆30, Oct 31, 2024, updated last year)
- Elemental - An ATT&CK Threat Library (☆318, Dec 8, 2022, updated 3 years ago)
- A library for fast parse & import of Windows Eventlogs into Elasticsearch. (☆86, Jun 23, 2025, updated 8 months ago)
- Simple tool to use LsaManageSidNameMapping get LSA to add or remove SID to name mappings. (☆25, Oct 25, 2020, updated 5 years ago)
- Just another casual shellcode native loader (☆25, Feb 3, 2022, updated 4 years ago)
- Applied Purple Teaming - (ITOCI4hr) - Infrastructure, Threat Optics, and Continuous Improvement - June 6, 2020 (☆323, Jan 22, 2021, updated 5 years ago)
- evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files. (☆158, Nov 30, 2021, updated 4 years ago)
- Extract all IP of a computer using DCOM without authentication (aka detect network used for administration) (☆26, Apr 13, 2020, updated 5 years ago)
- [no description] (☆16, May 13, 2021, updated 4 years ago)
- Pushes Sysmon Configs (☆90, Jun 11, 2021, updated 4 years ago)
- Lateral Movement graph for Azure Active Directory (☆127, Dec 8, 2022, updated 3 years ago)
- Script that searches through all COM objects for any methods containing a key word of your choosing. (☆73, Feb 28, 2020, updated 6 years ago)
- Send and receive messages over Named Pipes asynchronously. (☆39, Sep 17, 2021, updated 4 years ago)
- CSharp Writeups for HackSys Extreme Vulnerable Driver (☆45, Dec 22, 2021, updated 4 years ago)
- MSTSC Packet Dump Utility (☆30, Feb 11, 2022, updated 4 years ago)
- Hostile Dropboxes Management (☆26, Jan 8, 2020, updated 6 years ago)
- Misc Threat Hunting Resources (☆377, Jan 26, 2023, updated 3 years ago)
- Script to perform bulk local GeoIP lookups (ASN and geo) for IP addresses (☆102, Jan 16, 2020, updated 6 years ago)
- Get random bytes from the TPM (tool + BCrypt RNG provider) (☆17, Nov 3, 2020, updated 5 years ago)
- Notepad++ Syntax Highlighting for Languages Used by Cyber Security Professionals (☆14, May 31, 2020, updated 5 years ago)
- Advanced Hunting Queries for Microsoft Security Products (☆108, Jan 10, 2023, updated 3 years ago)