WhiteBeam: WhiteBeam: Transparent endpoint security
Stars: ✭ 74 (+184.62%)
WELA: WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ)
Stars: ✭ 442 (+1600%)
ScareCrow-CobaltStrike: Cobalt Strike script for ScareCrow payload integration (EDR/AV evasion)
Stars: ✭ 387 (+1388.46%)
r2yara: r2yara - Module for Yara using radare2 information
Stars: ✭ 30 (+15.38%)
cbapi-python: Carbon Black API - Python language bindings
Stars: ✭ 140 (+438.46%)
ink: The flexible TypeScript Markdown editor that powers https://octo.app
Stars: ✭ 82 (+215.38%)
hayabusa: Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
Stars: ✭ 908 (+3392.31%)
SWELF: Simple Windows Event Log Forwarder (SWELF). An easy-to-use log forwarder and EVTX parser that simply works. Almost in full release here at https://github.com/ceramicskate0/SWELF/releases/latest.
Stars: ✭ 23 (-11.54%)
Owlyshield: Owlyshield is an EDR framework designed to safeguard vulnerable applications from potential exploitation (C&C, exfiltration and impact).
Stars: ✭ 281 (+980.77%)
Threathunter Playbook: A threat hunter's playbook to aid the development of techniques and hypotheses for hunting campaigns.
Stars: ✭ 2,879 (+10973.08%)
Hfish: A secure, reliable, simple and free enterprise-grade honeypot
Stars: ✭ 2,977 (+11350%)
Security Onion: Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management
Stars: ✭ 2,956 (+11269.23%)
Helk: The Hunting ELK
Stars: ✭ 3,097 (+11811.54%)
KQL: KQL queries for Advanced Hunting
Stars: ✭ 110 (+323.08%)
vue-showdowns-editor: A markdown editor using codemirror and a previewer using @jhuix/showdowns for Vue.js.
Stars: ✭ 27 (+3.85%)
TiEtwAgent: PoC memory injection detection agent based on ETW, for offensive and defensive research purposes
Stars: ✭ 135 (+419.23%)
Elkeid: Elkeid is a Cloud-Native Host-Based Intrusion Detection solution project to provide next-generation Threat Detection and Behavior Audition with modern architecture.
Stars: ✭ 1,245 (+4688.46%)
Rhythm-CB-Scripts: Collection of scripts for use with the Carbon Black Cb Response API
Stars: ✭ 14 (-46.15%)
PSMDATP: PowerShell Module for managing Microsoft Defender Advanced Threat Protection
Stars: ✭ 48 (+84.62%)