shadawck / awesome-endpoint-detection-and-response

Related projects ⓘ

Alternatives and complementary repositories for awesome-endpoint-detection-and-response

• abusech / ThreatFox
  Open IOC sharing platform
  ☆52Updated last year
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆62Updated 2 years ago
• typosquatter / ail-typo-website
  Website for ail-typo-squatting library
  ☆53Updated 5 months ago
• silascutler / awesome-docker-malware-analysis
  Repository of tools and resources for analyzing Docker containers
  ☆59Updated 11 months ago
• vuldb / cyber_threat_intelligence
  Cyber Threat Intelligence Data, Indicators, and Analysis
  ☆73Updated last month
• curated-intel / Initial-Access-Broker-Landscape
  A visualized overview of the Initial Access Broker (IAB) cybercrime landscape
  ☆107Updated 3 years ago
• svdwi / BlueBox
  BlueBox Malware analysis Box and Cyber threat intelligence.
  ☆38Updated 2 years ago
• cyware-labs / Threat-Response-Docker
  ☆42Updated last year
• WithSecureLabs / detectree
  Data visualization for blue teams
  ☆124Updated last year
• markuskont / pikksilm
  Look into EDR events from network
  ☆23Updated 6 months ago
• mthcht / ThreatHunting-Keywords-yara-rules
  yara detection rules for hunting with the threathunting-keywords project
  ☆83Updated this week
• BushidoUK / Exploring-APT-campaigns
  Further investigation in to APT campaigns disclosed by private security firms and security agencies
  ☆80Updated 2 years ago
• Hestat / ossec-sysmon
  A Ruleset to enhance detection capabilities of Ossec using Sysmon
  ☆86Updated 2 years ago
• pain0x0 / awesome-incident-response
  ☆19Updated last year
• alt3kx / wafaray
  Enhance your malware detection with WAF + YARA (WAFARAY)
  ☆107Updated 2 years ago
• silverfort-open-source / latma
  ☆79Updated last year
• JPCERTCC / SurfaceAnalysis-on-Cloud
  Surface Analysis System on Cloud
  ☆19Updated 10 months ago
• Sh1n0g1 / z9
  PowerShell Script Analyzer
  ☆65Updated last year
• referefref / sinon
  Automation tool for Windows Deception Host Burn-In
  ☆76Updated 4 months ago
• 100DaysofYARA / 2023
  Rules Shared by the Community from 100 Days of YARA 2023
  ☆77Updated last year
• ninoseki / shimon
  URL fingerprinting made easy
  ☆79Updated 6 months ago
• CERN-CERT / pDNSSOC
  Leveraging MISP indicators via a pDNS-based infrastructure as a poor man’s SOC.
  ☆49Updated 3 weeks ago
• StevenD33 / Lab-DFIR-SOC
  ☆63Updated 3 years ago
• BushidoUK / Abused-Legitimate-Services
  Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups
  ☆57Updated 2 years ago
• packetsifter / packetsifterTool
  PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac…
  ☆93Updated 3 years ago
• CIRCL / factual-rules-generator
  Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
  ☆76Updated 2 years ago
• ThreatLabz / iocs
  This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports
  ☆65Updated this week
• mnrkbys / norimaci
  Norimaci is a simple and lightweight malware analysis sandbox for macOS
  ☆66Updated 4 years ago
• BinaryDefense / YaraMemoryScanner
  Simple PowerShell script to enable process scanning with Yara.
  ☆90Updated 2 years ago
• Retrospected / PurpleKeep
  Providing Azure pipelines to create an infrastructure and run Atomic tests.
  ☆50Updated last year