Red Canary, a Zscaler company

Red Canary, a Zscaler company's repositories

atomic-red-team

Small and highly portable detection tests based on MITRE's ATT&CK.

Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder](https://github.com/redcanaryco/atomic-red-team/tree/master/atomics) of Red Canary's Atomic Red Team project.

Language:PowerShellMIT974 55 66

chain-reactor

Chain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.

Language:CMIT319 37 9

AtomicTestHarnesses

Public Repo for Atomic Test Harness

Language:PowerShellBSD-3-Clause276 34 1

surveyor

A cross-platform baselining, threat hunting, and attack surface analysis tool for security teams.

Language:PythonMIT232 34 76

oxidebpf

A Rust library for managing eBPF programs.

Language:RustBSD-3-Clause123 24 1

redcanary-response-utils

Tools to automate and/or expedite response.

Language:PythonMIT115 37 7

redcanary-ebpf-sensor

Red Canary's eBPF Sensor

Language:CGPL-2.0109 24 1

ebpfmon

Language:GoBSD-3-Clause89 200

exploit-primitive-playground

Language:CMIT64 240

wwhf

Exercises for C# Workshop at Wild West Hackin' Fest 2018 & 2019.

Language:HTML64 210

vscode-attack

Visual Studio Code extension for MITRE ATT&CK

Language:TypeScriptBSD-3-Clause54 22 11

public-research

Public repository for Red Canary Research

Language:CMIT37 240

ansible-atomic-red-team

This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam

Language:ShellMIT27 150

cb-response-smb1-utility

A simple utility to check the status of and/or disable SMBv1 on Windows system via Cb Response's Live Response functionality.

Language:PythonMIT15 28 1

cb-event-forwarder

Subscribe to raw Carbon Black event feed and forward to another system, such as Splunk, etc.

Language:JavaScriptNOASSERTION8 130

Azure-Sentinel

Cloud-native SIEM for intelligent security analytics for your entire enterprise.

Language:Jupyter NotebookMIT7 10

cbconnect-2019

Language:Ruby7 210

openapi

Public API clients for connecting to the Red Canary APIs

Language:PythonMIT7 290

zendesk_api_client_rb

Official Ruby Zendesk API Client

Language:RubyApache-2.04 10

rtlshtree

Language:C++BSD-3-Clause3 190

activerecord5-redshift-adapter

Language:RubyNOASSERTION1 30

client_ruby

Prometheus instrumentation library for Ruby applications

Language:RubyApache-2.01 120

gh-action-publish-gem-on-tag

A Github action for publishing to the package registry on tag pushes

Language:Shell1 20

helm-charts

Red Canary's Public Helm Chart Repository

Language:SmartyBSD-3-Clause1 170

protobuf

Protocol Buffers - Google's data interchange format

Language:C++NOASSERTION1 10

homebrew-cask

A CLI workflow for the administration of macOS applications distributed as binaries

Language:RubyBSD-2-Clause010

osquery-forensics-agent

Language:PythonNOASSERTION000

red-canary-aws-resource-discovery

Language:GoBSD-3-Clause000

timescale

The timescaledb gem. Pack of helpers to work with TimescaleDB extension in Ruby.

Language:RubyMIT010