Alternatives and similar repositories for Real-timeDetectionAD_ver2:

Users that are interested in Real-timeDetectionAD_ver2 are comparing it to the libraries listed below

• vysecurity / CobaltSplunk
  Splunk Dashboard for CobaltStrike logs
  ☆86Updated 3 years ago
• CyberMonitor / Invoke-Adversary
  Simulating Adversary Operations
  ☆92Updated 6 years ago
• tasox / LogRM
  LogRM is a post exploitation powershell script which it uses windows event logs to gather information about internal network
  ☆73Updated 5 years ago
• vysecurity / ATT-CK_Analysis
  Repository for my ATT&CK analysis research.
  ☆68Updated 5 years ago
• redcanaryco / wwhf
  Exercises for C# Workshop at Wild West Hackin' Fest 2018 & 2019.
  ☆64Updated 5 years ago
• olafhartong / detection-sources
  ☆53Updated 6 years ago
• OTRF / bloodhound-notebook
  BloodHound Cypher Queries Ported to a Jupyter Notebook
  ☆53Updated 4 years ago
• mikesiegel / ews-crack
  ☆139Updated 5 years ago
• decoder-it / whoami-priv-Hackinparis2019
  Slides from my talk in "Hackinparis" 2019 edition
  ☆91Updated 5 years ago
• mitre-attack / joystick
  Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that brings forward the nuances…
  ☆64Updated last year
• xenoscr / atomiccaldera
  A MITRE Caldera plugin written in Python 3 used to convert Red Canary Atomic Red Team Tests to MITRE Caldera Stockpile YAML ability files…
  ☆71Updated 3 years ago
• homjxi0e / PowerAvails
  PowerAvails is a unit of collection of Powershell modules that help you get done many things
  ☆118Updated 5 years ago
• leeberg / BlueCommand
  Dashboarding and Tooling front-end for PowerShell Empire using PowerShell Universal Dashboard
  ☆104Updated 5 years ago
• cyberark / ketshash
  A little tool for detecting suspicious privileged NTLM connections, in particular Pass-The-Hash attack, based on event viewer logs.
  ☆169Updated 2 weeks ago
• fox-it / cobaltstrike-extraneous-space
  Historical list of {Cobalt Strike,NanoHTTPD} servers
  ☆122Updated 5 years ago
• v1ado / HIPS_LIPS
  Community maintained list of most popular HIPS service and process names on a Windows Platform.
  ☆43Updated 2 years ago
• mkorman90 / sysmon-config-bypass-finder
  Detect possible sysmon logging bypasses given a specific configuration
  ☆107Updated 6 years ago
• FuzzySecurity / BH-Arsenal-2019
  SilkETW & SilkService
  ☆40Updated 5 years ago
• G0ldenGunSec / PowerPriv
  A Powershell implementation of PrivExchange designed to run under the current user's context
  ☆124Updated 6 years ago
• 0xAnalyst / Sysmon
  Sysmon config for both Windows and Linux Devices. Windows one is a bit dated
  ☆55Updated 7 months ago
• ubeeri / Invoke-PWAudit
  A PowerShell tool which provides an easy way to check for shared passwords between Windows Active Directory accounts
  ☆32Updated 6 years ago
• GoSecure / DLLPasswordFilterImplant
  DLL Password Filter Implant with Exfiltration Capabilities
  ☆135Updated 5 years ago
• dwestgard / threat_hunting_tables
  Theat hunting notes in flat file format and mapped to MITRE's ATT&CK IDs
  ☆42Updated 6 years ago
• jaredhaight / WindowsAttackAndDefenseLab
  ☆166Updated 5 years ago
• fullmetalcache / SharpFiles
  ☆55Updated 4 years ago
• Ne0nd0g / ADPasswordHealth
  A tool to evaluate the password health of Active Directory accounts.
  ☆40Updated 3 months ago
• dstepanic / attck_empire
  Generate ATT&CK Navigator layer file from PowerShell Empire agent logs
  ☆49Updated 6 years ago
• RomanEmelyanov / CobaltStrikeForensic
  Toolset for research malware and Cobalt Strike beacons
  ☆208Updated 2 years ago
• skelsec / pypykatz_agent_dn
  Pypykatz agent implemented in .NET
  ☆86Updated 5 years ago
• MatthewDemaske / ThreatHuntingStuff
  Useful Threat Hunting Stuff
  ☆31Updated 4 years ago