Alternatives and similar repositories for Real-timeDetectionAD_ver2

Users that are interested in Real-timeDetectionAD_ver2 are comparing it to the libraries listed below

• redcanaryco / wwhf
  Exercises for C# Workshop at Wild West Hackin' Fest 2018 & 2019.
  ☆64Updated 5 years ago
• vysecurity / CobaltSplunk
  Splunk Dashboard for CobaltStrike logs
  ☆89Updated 4 years ago
• mitre-attack / joystick
  Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that brings forward the nuances…
  ☆64Updated last year
• CyberMonitor / Invoke-Adversary
  Simulating Adversary Operations
  ☆93Updated 7 years ago
• olafhartong / detection-sources
  ☆53Updated 6 years ago
• OTRF / bloodhound-notebook
  BloodHound Cypher Queries Ported to a Jupyter Notebook
  ☆53Updated 5 years ago
• tasox / LogRM
  LogRM is a post exploitation powershell script which it uses windows event logs to gather information about internal network
  ☆74Updated 5 years ago
• 0xAnalyst / Sysmon
  Sysmon config for both Windows and Linux Devices. Windows one is a bit dated
  ☆57Updated 11 months ago
• mikesiegel / ews-crack
  ☆140Updated 5 years ago
• vysecurity / ATT-CK_Analysis
  Repository for my ATT&CK analysis research.
  ☆69Updated 6 years ago
• mkorman90 / sysmon-config-bypass-finder
  Detect possible sysmon logging bypasses given a specific configuration
  ☆111Updated 6 years ago
• FuzzySecurity / BH-Arsenal-2019
  SilkETW & SilkService
  ☆40Updated 5 years ago
• decoder-it / whoami-priv-Hackinparis2019
  Slides from my talk in "Hackinparis" 2019 edition
  ☆91Updated 6 years ago
• cyberark / ketshash
  A little tool for detecting suspicious privileged NTLM connections, in particular Pass-The-Hash attack, based on event viewer logs.
  ☆170Updated 4 months ago
• mdavis332 / DomainPasswordSpray
  DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. It will automatically g…
  ☆99Updated 2 years ago
• SadProcessor / WatchDog
  BloodHound Data Scanner
  ☆45Updated 4 years ago
• shellster / DCSYNCMonitor
  Monitors for DCSYNC and DCSHADOW attacks and create custom Windows Events for these events.
  ☆140Updated 7 years ago
• xenoscr / atomiccaldera
  A MITRE Caldera plugin written in Python 3 used to convert Red Canary Atomic Red Team Tests to MITRE Caldera Stockpile YAML ability files…
  ☆71Updated 3 years ago
• nccgroup / OutlookLeakTest
  The Outlook HTML Leak Test Project
  ☆131Updated 7 years ago
• mitre-attack / evals_caldera
  A CALDERA plugin for ATT&CK Evaluations Round 1
  ☆33Updated last year
• mdsecactivebreach / SharpPack
  An Insider Threat Toolkit
  ☆151Updated 6 years ago
• lkys37en / Start-ADEnum
  Tool that automates Active Directory enumeration
  ☆88Updated 4 years ago
• mitre-attack / attack-evals
  ATT&CK Evaluations website (DEPRECATED)
  ☆59Updated 4 years ago
• G0ldenGunSec / PowerPriv
  A Powershell implementation of PrivExchange designed to run under the current user's context
  ☆125Updated 6 years ago
• RhinoSecurityLabs / Aggressor-Scripts
  Aggregation of Cobalt Strike's aggressor scripts.
  ☆143Updated 7 years ago
• awsmhacks / AttackingAD
  This repo will contain slides and information from the Attacking Active Directory Hacking Series talks presented at SecKC.
  ☆32Updated 11 months ago
• rabobank-cdc / Blue-ATTACK
  The new name is DeTT&CT
  ☆24Updated 5 years ago
• fullmetalcache / SharpFiles
  ☆56Updated 5 years ago
• G4LB1T / Invoke-NoShell
  All the Power with no Shell
  ☆36Updated 3 years ago
• dstepanic / attck_empire
  Generate ATT&CK Navigator layer file from PowerShell Empire agent logs
  ☆49Updated 6 years ago