Red Canary's repositories
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
mac-monitor
Red Canary Mac Monitor is an advanced, stand-alone system monitoring tool tailor-made for macOS security research. Beginning with Endpoint Security (ES), it collects and enriches system events, displaying them graphically, with an expansive feature set designed to reduce noise.
invoke-atomicredteam
Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder](https://github.com/redcanaryco/atomic-red-team/tree/master/atomics) of Red Canary's Atomic Red Team project.
chain-reactor
Chain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.
AtomicTestHarnesses
Public Repo for Atomic Test Harness
redcanary-response-utils
Tools to automate and/or expedite response.
redcanary-ebpf-sensor
Red Canary's eBPF Sensor
vscode-attack
Visual Studio Code extension for MITRE ATT&CK
public-research
Public repository for Red Canary Research
ansible-atomic-red-team
This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam.
cb-response-smb1-utility
A simple utility to check the status of and/or disable SMBv1 on a Windows system via Cb Response's Live Response functionality.
cb-event-forwarder
Subscribe to the raw Carbon Black event feed and forward it to another system, such as Splunk.
Azure-Sentinel
Cloud-native SIEM for intelligent security analytics for your entire enterprise.
zendesk_api_client_rb
Official Ruby Zendesk API Client
cbapi-python
Carbon Black API - Python language bindings
client_ruby
Prometheus instrumentation library for Ruby applications
gh-action-publish-gem-on-tag
A GitHub action for publishing to the package registry on tag pushes
helm-charts
Red Canary's Public Helm Chart Repository
homebrew-cask
🍻 A CLI workflow for the administration of macOS applications distributed as binaries