Epimitheus is a tool that uses graphical database Neo4j for Windows Events visualization.
☆19Mar 13, 2022Updated 4 years ago
Alternatives and similar repositories for Epimitheus
Users that are interested in Epimitheus are comparing it to the libraries listed below
Sorting:
- BloodHound Cypher Queries Ported to a Jupyter Notebook☆53Jun 20, 2020Updated 5 years ago
- Anti-Honeypot Demo (obsolete)☆18Jul 24, 2017Updated 8 years ago
- Links to malware-related YARA rules☆15Sep 29, 2022Updated 3 years ago
- Triaging Windows event logs based on SANS Poster☆48Nov 22, 2025Updated 3 months ago
- Python bindings for Yeti's API☆19Sep 12, 2023Updated 2 years ago
- A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.☆14Jan 15, 2025Updated last year
- Generic Signature Format for SIEM Systems☆18Jul 25, 2023Updated 2 years ago
- Resilient Virtual Machine Monitor is a complete fault tolerance solution for type-I hypervisors adopting one of the most popular VMM arch…☆11Jul 30, 2020Updated 5 years ago
- Microsoft Compound File Binary (CFB) file format Python IO☆15Mar 8, 2026Updated last week
- ☆22Aug 16, 2025Updated 7 months ago
- ReviveIT (revit) is a proof of concept file recovery tool (carver)☆13Dec 3, 2020Updated 5 years ago
- PDF Parser is a command line tool and go library for analyzing PDF files.☆14Jan 25, 2024Updated 2 years ago
- An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree…☆60Jan 30, 2018Updated 8 years ago
- A blog where I write stuffs in order to understand them better.☆12Apr 25, 2025Updated 10 months ago
- WEFTools☆14Apr 30, 2020Updated 5 years ago
- Help summarize a PCAP file☆33Dec 27, 2011Updated 14 years ago
- ☆18Apr 4, 2019Updated 6 years ago
- The CRIME and BREACH Attacks work against SSL and HTTP Compression. They leverage specific properties of used compression functions and c…☆17Dec 29, 2013Updated 12 years ago
- Info related to the Outflank training: Microsoft Office Offensive Tradecraft☆52May 16, 2024Updated last year
- Maltego transforms to pivot between PE files based on their VirusTotal codeblocks☆19Jul 15, 2021Updated 4 years ago
- PurpleSpray is an adversary simulation tool that executes password spray behavior under different scenarios and conditions with the purpo…☆51Aug 15, 2019Updated 6 years ago
- Information about most important hunts which can be performed by Threat hunters while searching for any adversary/threats inside the orga…☆15May 18, 2019Updated 6 years ago
- See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)☆108Feb 12, 2023Updated 3 years ago
- Generate MAEC XML from Ero Carrera's pefile output☆15Mar 6, 2017Updated 9 years ago
- SWF parser and AVM2 (Actionscript 3) bytecode parser☆19Mar 26, 2017Updated 8 years ago
- API Logger for Windows Executables☆80Sep 30, 2020Updated 5 years ago
- ☆22Aug 29, 2024Updated last year
- ☆10Oct 22, 2017Updated 8 years ago
- Crack your macros like the math pros.☆33Feb 14, 2017Updated 9 years ago
- A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data☆39Mar 23, 2020Updated 5 years ago
- ☆11Jun 2, 2016Updated 9 years ago
- Silly proof-of-concept for a PDF chatroom☆21May 3, 2023Updated 2 years ago
- Call your own DLL from VBA and execute code under process svchost.exe with WMI☆12Mar 6, 2020Updated 6 years ago
- Research into Undocumented Behavior of Azure AD Refresh Tokens☆13Oct 27, 2023Updated 2 years ago
- XPN's RpcEnum but based on IDA instead of Ghidra☆21Aug 17, 2019Updated 6 years ago
- This is a repository that is meant to hold detections for various process injection techniques.☆34Mar 3, 2020Updated 6 years ago
- ☆16Jan 31, 2015Updated 11 years ago
- Sigma rules converted for direct use with Zircolite☆14Updated this week
- Some stuff for PHD2021☆14May 21, 2025Updated 10 months ago