Repositories list

• ARC-Labs-Hunting-Queries

  Public
  Python

  •11 fork•1111 stars•00 issues•00 pull requests•Updated Apr 14, 2026Apr 14, 2026

• ARC-Labs-ML-Starter-Kit

  Public
  Jupyter Notebook

  •00 forks•55 stars•00 issues•00 pull requests•Updated Sep 9, 2024Sep 9, 2024

• auto-ossec

  Public
  Python

  •4646 forks•142142 stars•22 issues•00 pull requests•Updated May 24, 2024May 24, 2024

• HiddenTaskHunter

  Public
  PowerShell

  •22 forks•66 stars•00 issues•00 pull requests•Updated Apr 5, 2024Apr 5, 2024

• YaraMemoryScanner

  Public
  Simple PowerShell script to enable process scanning with Yara.

  PowerShell

  •

  GNU General Public License v3.0

  •2020 forks•9999 stars•00 issues•11 pull request•Updated Oct 4, 2022Oct 4, 2022

• OTX-Microsoft-Logic-App

  Public
  Microsoft Logic App for consuming Open Threat Exchange (OTX) data in Microsoft Sentinel / Log Analytics Workspace

  MIT License

  •00 forks•22 stars•00 issues•00 pull requests•Updated Sep 15, 2022Sep 15, 2022

• GhidraRustDependenciesExtractor

  Public
  Ghidra script for extracting embedded Rust crate dependency strings from a compiled Rust binary

  Python

  •33 forks•3636 stars•00 issues•11 pull request•Updated Aug 9, 2022Aug 9, 2022

• community-threats

  Public
  A place to share attack chains for testing people, process, and technology with the entire community. The largest, public library of adversary emulation and adv…

  PowerShell

  •

  MIT License

  •8686 forks•44 stars•00 issues•00 pull requests•Updated Jul 27, 2022Jul 27, 2022

• decloaker

  Public
  A script that attempts to decloak symbiote activity, and some other LD_PRELOAD activity

  Shell

  •00 forks•33 stars•00 issues•00 pull requests•Updated Jun 26, 2022Jun 26, 2022

• sigma

  Public
  Generic Signature Format for SIEM Systems

  Python

  •

  Other

  •2.6k2.6k forks•33 stars•00 issues•00 pull requests•Updated Jun 10, 2022Jun 10, 2022

• ThreatHuntingJupyterNotebooks

  Public
  Jupyter Notebook

  •1111 forks•6868 stars•11 issue•00 pull requests•Updated May 13, 2022May 13, 2022

• glyph-hunter

  Public
  Python Flask web app that checks names for potential homoglyph characteristics and reports results in json format

  Python

  •

  MIT License

  •22 forks•33 stars•00 issues•00 pull requests•Updated Apr 21, 2022Apr 21, 2022

• borat-rat-plugin-emulators

  Public
  .Net Libraries (DLLs) re-written from scratch that emulate the functionality of Borat RAT for defese testing purposes

  C#

  •

  MIT License

  •00 forks•33 stars•00 issues•00 pull requests•Updated Apr 14, 2022Apr 14, 2022

• beacon-fronting

  Public
  A simple command line program to help defender test their detections for network beacon patterns and domain fronting

  Go

  •

  MIT License

  •1111 forks•7070 stars•00 issues•00 pull requests•Updated Feb 3, 2022Feb 3, 2022

• artillery

  Public
  The Artillery Project is an open-source blue team tool designed to protect Linux and Windows operating systems through multiple methods.

  Python

  •303303 forks•1k1k stars•2323 issues•22 pull requests•Updated Jan 6, 2022Jan 6, 2022

• log4j-honeypot-flask

  Public
  Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228

  Python

  •2525 forks•151151 stars•11 issue•00 pull requests•Updated Dec 20, 2021Dec 20, 2021

• mining-pools

  Public
  List of mining pool domain names for use in detection logic

  11 fork•22 stars•00 issues•00 pull requests•Updated Dec 20, 2021Dec 20, 2021

• RPCFirewall-LogParsers

  Public
  00 forks•11 star•00 issues•00 pull requests•Updated Nov 10, 2021Nov 10, 2021

• sysmon-modular

  Public
  A repository of sysmon configuration modules

  PowerShell

  •

  MIT License

  •644644 forks•55 stars•00 issues•00 pull requests•Updated Jun 30, 2021Jun 30, 2021

• BinaryDefense.FSharp.Analyzers

  Public
  Security analyzers for the FSharp (F#) language

  F#

  •

  MIT License

  •44 forks•3838 stars•11 issue•00 pull requests•Updated May 24, 2021May 24, 2021

• IcedDecrypt

  Public
  IcedID Decryption Tool

  Python

  •44 forks•2828 stars•00 issues•00 pull requests•Updated May 7, 2021May 7, 2021

• BinaryDefense.Junit.Expecto.TestLogger

  Public
  testingexpectofsharp+ 3

  testingexpectofsharpjunittest-reportingtest-report

  F#

  •

  MIT License

  •00 forks•00 stars•00 issues•00 pull requests•Updated Jan 29, 2021Jan 29, 2021

• BinaryDefense.github.io

  Public
  00 forks•00 stars•00 issues•00 pull requests•Updated Jan 8, 2021Jan 8, 2021

• JsonWrapper

  Public
  A Myriad plugin for generating statically typed lossless wrappers around JToken given a schema.

  F#

  •

  MIT License

  •22 forks•1515 stars•22 issues•00 pull requests•Updated Jul 1, 2020Jul 1, 2020

• goatrider

  Public
  GoatRider is a simple tool that will dynamically pull down Artillery Threat Intelligence Feeds, TOR, AlienVaults OTX, and the Alexa top 1 million websites and d…

  Python

  •

  Other

  •3535 forks•145145 stars•22 issues•11 pull request•Updated Nov 26, 2018Nov 26, 2018