endpoint-security

There are 68 repositories under endpoint-security topic.

  • google/santa

    A binary authorization and monitoring system for macOS

    Language:Objective-C++4.5k134384297
  • securityonion

    Security-Onion-Solutions/securityonion

    Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, detections, and case management. It also includes other tools such as osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.

    Language:Shell3.4k882.5k517
  • fleet

    fleetdm/fleet

    Open-source platform for IT, security, and infrastructure teams. (Linux, macOS, Chrome, Windows, cloud, data center)

    Language:Go3.2k369.5k446
  • velociraptor

    Velocidex/velociraptor

    Digging Deeper....

    Language:Go3k751.2k499

  • maqp/tfc

    Tinfoil Chat - Onion-routed, endpoint secure messaging system

    Language:Python1.2k532688

  • redcanaryco/mac-monitor

    Red Canary Mac Monitor is an advanced, stand-alone system monitoring tool tailor-made for macOS security research. Beginning with Endpoint Security (ES), it collects and enriches system events, displaying them graphically, with an expansive feature set designed to reduce noise.

    Language:Swift982333148
  • zentral

    zentralopensource/zentral

    Zentral is a high-visibility platform for controlling Apple endpoints in enterprises. It brings great observability to IT and makes tracking & reporting compliance much less manual.

    Language:Python7583212082
  • ThreatHunting-Keywords

    mthcht/ThreatHunting-Keywords

    Awesome list of keywords and artifacts for Threat Hunting sessions

    Language:HTML491111055

  • Netflix-Skunkworks/stethoscope-app

    A desktop application that checks security-related settings and makes recommendations for improvements without requiring central device management or automated reporting.

    Language:JavaScript4581374954
  • osctrl

    jmpsec/osctrl

    Fast and efficient osquery management

    Language:Go4021111653

  • wecooperate/iMonitorSDK

    The world's most powerful System Activity Monitor Engine · 一款功能强大的终端行为采集防御开发套件 ~ 旨在帮助EDR、零信任、数据安全、审计管控等终端安全软件可以快速实现产品功能, 而不用关心底层驱动的开发、维护和兼容性问题,让其可以专注于业务开发

    Language:Batchfile34511481

  • ParetoSecurity/pareto-mac

    Automatically audit your Mac for basic security hygiene.

    Language:Swift32995623

  • wecooperate/iDefender

    iDefender(冰盾 - 终端主动防御系统)

    24353631

  • droe/xnumon

    monitor macOS for malicious activity

    Language:C230224830

  • yarox24/attack_monitor

    Endpoint detection & Malware analysis software

    Language:Python22818658
  • protect-endpoints

    DDtKey/protect-endpoints

    Authorization extension for popular web-frameworks to protect your endpoints

    Language:Rust22043016

  • njcve/inflate.py

    Artificially inflate a given binary to exceed common EDR file size limits. Can be used to bypass common EDR.

    Language:Python1191115
  • santa

    northpolesec/santa

    A binary authorization and monitoring system for macOS

    Language:Objective-C++8794110

  • shadawck/awesome-endpoint-detection-and-response

    Collection of tool you need to have in your Endpoint Detection and Response arsenal

    773013

  • neohiro/ExploitProtection

    Windows Exploit Protection Settings (Ultimate)

    Language:PowerShell56427

  • ConradSun/NuwaStone

    A macOS behavior audit / event monitoring system with scope of file, process and network events (based on Endpoint Security Framework).

    Language:Swift43416

  • 0xN3utr0n/Kanis

    Advanced threat detection solution for Linux.

    Language:Go36304

  • paulveillard/cybersecurity-application-security

    An ongoing & curated collection of awesome software practices and remediation, libraries and frameworks,payloads and techniques, best guidelines and technical resources about Application Security

    Language:Python334011

  • 13ihsan92/Security-Blue-Team

    This repository will describe the details surrounding the SIEM (wazuh) mini project, which will cover all aspects of topology design, deployment, rules, integration, and fine tune.

    22104

  • HarfangLab/endpoint-sec

    Rust Bindings for Endpoint Security

    Language:Rust21395

  • 0xInfection/EPScalate

    Exploit for elevation of privilege vulnerability in QuickHeal's Seqrite EPS (CVE-2023-31497).

    Language:Python18202
  • poem-grants

    DDtKey/poem-grants

    Authorization extension for poem to validate user permissions

    Language:Rust16323
  • agent

    nanny-on/agent

    This repository contains Nanny-On agent source codes. Anyone can contribute to write and update the codes. Please join us.

    Language:C++1613816
  • agent

    nanny-i/agent

    This repository includes source codes for Nanny-I for Linux. We're pleased you to join our project.

    Language:C++13133313

  • pritunl/pritunl-endpoint

    Endpoint security and monitoring

    Language:Go113010

  • Brute-f0rce/Resources

    Resources for Cyber Security

    10101

  • geniuszlyy/GenEDRBypass

    An advanced tool for bypassing EDR (Endpoint Detection and Response) systems and antivirus software by dynamically generating and injecting shellcode

    Language:C#8112
  • rocket-grants

    DDtKey/rocket-grants

    Authorization extension for Rocket

    Language:Rust7211

  • Harvester57/Windows-PolicyRules

    Set of PolicyRules used by the PolicyAnalyzer tool. Security-oriented.

    Language:PowerShell6201

  • gabrielcurrie/rapid-hardening

    High-level guidance for rapidly hardening an IT environment

    5001

  • gbiagomba/Naughty_Tarbawlz

    This project contains a collection of admin and malicious binaries. It is intended to be used for antivirus and EDR acceptance (criteria) testing

    Language:DIGITAL Command Language5200