Endpoint detection & Malware analysis software
☆230Dec 20, 2019Updated 6 years ago
Alternatives and similar repositories for attack_monitor
Users that are interested in attack_monitor are comparing it to the libraries listed below
Sorting:
- Test Blue Team detections without running any attack.☆272May 2, 2024Updated last year
- Linux Incident Response☆90Sep 22, 2019Updated 6 years ago
- a unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations…☆535Mar 27, 2022Updated 3 years ago
- Automate Metasploit scanning and exploitation☆118Jul 20, 2025Updated 8 months ago
- ☆25Aug 11, 2020Updated 5 years ago
- Security event correlation engine for ELK stack☆447Jun 26, 2024Updated last year
- Open Source EDR for Windows☆1,296Feb 25, 2023Updated 3 years ago
- The content of this repository aims to assist efforts on analysing inner working principles, functionalities, and properties of the Micro…☆150May 29, 2020Updated 5 years ago
- Dynamic PowerShell Analysis Framework Based Upon PowerShell Debugging Functionality☆83Feb 18, 2023Updated 3 years ago
- An Active Defense and EDR software to empower Blue Teams☆1,315Aug 10, 2023Updated 2 years ago
- Detect Tactics, Techniques & Combat Threats☆2,268Jan 21, 2026Updated 2 months ago
- Utilities for Sysmon☆1,576Sep 21, 2025Updated 6 months ago
- Imaginary C2 is a python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts a HTTP server which …☆446Oct 26, 2022Updated 3 years ago
- Windows Events Attack Samples☆2,526Jan 24, 2023Updated 3 years ago
- CACTUSTORCH: Payload Generation for Adversary Simulations☆1,014Jul 3, 2018Updated 7 years ago
- Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups☆723Dec 26, 2022Updated 3 years ago
- Credentials gathering tool automating remote procdump and parse of lsass process.☆782Jun 20, 2020Updated 5 years ago
- Digital forensic acquisition tool for Windows based incident response.☆347May 7, 2024Updated last year
- AMIRA: Automated Malware Incident Response & Analysis☆151Feb 3, 2026Updated last month
- DFIRTrack - The Incident Response Tracking Application☆534Jan 13, 2026Updated 2 months ago
- Volatility plugin for extracts configuration data of known malware☆495Dec 22, 2023Updated 2 years ago
- Manticore Adversary Emulation Cli☆47Aug 4, 2020Updated 5 years ago
- Investigate malicious Windows logon by visualizing and analyzing Windows event log☆3,137Oct 19, 2025Updated 5 months ago
- crauEmu is an uEmu extension for developing and analyzing payloads for code-reuse attacks☆111Dec 11, 2019Updated 6 years ago
- ☆23Aug 1, 2020Updated 5 years ago
- Investigate suspicious activity by visualizing Sysmon's event log☆430Dec 22, 2023Updated 2 years ago
- Searches For Threat Hunting and Security Analytics☆238Mar 26, 2025Updated 11 months ago
- an asynchronous target enumeration tool☆246Dec 8, 2022Updated 3 years ago
- Silencing Sysmon via driver unload☆236Oct 13, 2022Updated 3 years ago
- RedPeanut is a small RAT developed in .Net Core 2 and its agent in .Net 3.5 / 4.0.☆330Jul 7, 2023Updated 2 years ago
- Red team Arsenal - An intelligent scanner to detect security vulnerabilities in company's layer 7 assets.☆418Aug 10, 2023Updated 2 years ago
- ☆524Aug 11, 2023Updated 2 years ago
- Python / C# Unmanaged PowerShell based RAT☆771Mar 29, 2023Updated 2 years ago
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts☆1,174Jul 26, 2023Updated 2 years ago
- Emulates the Sysinternals Autoruns tool, but for DFIR purposes e.g. multi user processing☆55May 18, 2019Updated 6 years ago
- PeaceMaker Threat Detection is a Windows kernel-based application that detects advanced techniques used by malware.☆431May 22, 2020Updated 5 years ago
- ArmourBird CSF - Container Security Framework☆44Apr 22, 2022Updated 3 years ago
- ☆24Mar 19, 2020Updated 6 years ago
- Kaspersky's GReAT KLara☆733Jul 24, 2024Updated last year