whids
EDR tool
An open source EDR solution designed to provide real-time incident response capabilities by detecting potential security threats on Windows systems.
Open Source EDR for Windows
1k stars
45 watching
145 forks
Language: Go
last commit: almost 2 years ago
Tags: dfir, edr, ids, sysmon, threat-hunting, windows
Related projects:
Repository | Description | Stars |
---|---|---|
cyberdefenseinstitute/cdir | A tool designed to collect data from Windows systems during an incident response | 154 |
opensourcesec/cirtkit | A comprehensive toolset for digital forensics and incident response analysis using Python | 142 |
rkervella/carbonmonoxide | A toolkit for evading endpoint detection and response (EDR) by combining techniques to spoof system properties and inject malicious code. | 24 |
codeyourweb/fastfinder | Tools for detecting suspicious files and directories on Windows and Linux endpoints. | 234 |
travisfoley/dfirtriage | A digital forensic tool designed to gather and analyze data from Windows-based systems in incident response scenarios. | 335 |
t0pcyber/hawk | A PowerShell-based tool to gather information on O365 intrusions and potential breaches. | 722 |
aboutsecurity/rastrea2r | A tool for hunting and tracking Internet of Things (IoT) security threats by collecting and analyzing indicators of compromise (IOCs) | 116 |
slimm609/checksec | A tool to analyze and report on the security properties of executables | 2,061 |
opengeos/whiteboxr | An R package for geospatial data analysis and processing | 173 |
a3sal0n/cyberthreathunting | A collection of tools and resources for threat hunters to identify and respond to cyber threats. | 861 |
thalesgroup-cert/watcher | Automated platform for discovering and analyzing cybersecurity threats targeting an organization | 869 |
sbousseaden/slides | Collection of resources and concepts for threat hunting and detection engineering. | 372 |
beahunt3r/windows-hunting | A collection of tools and resources to aid Windows threat hunters in identifying common security artifacts. | 347 |
gossithedog/threathunting | Tools and rules for detecting malicious domain calls in endpoint malware | 570 |
adamkramer/rapid_env | A tool for rapidly setting up a malware analysis environment with Windows file, registry key, and mutex management. | 40 |