Skip to content

@redcanaryco Red Canary

Change the repository type filter

All

    Repositories list

    32 repositories

    • atomic-red-team

      Public
      Small and highly portable detection tests based on MITRE's ATT&CK.
      mitremitre-attack
      C
      MIT License
      2.8k9.6k42Updated Sep 30, 2024Sep 30, 2024

    • surveyor

      Public
      A cross-platform baselining, threat hunting, and attack surface analysis tool for security teams.
      Python
      MIT License
      61172209Updated Sep 30, 2024Sep 30, 2024

    • red-canary-aws-resource-discovery

      Public
      Go
      BSD 3-Clause "New" or "Revised" License
      0000Updated Sep 16, 2024Sep 16, 2024

    • invoke-atomicredteam

      Public
      Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder](https://github.com/redcanaryco/atomic-red-team/tree/master/atomics) of Red Canary's Atomic Red Team project.
      PowerShell
      MIT License
      19583070Updated Aug 6, 2024Aug 6, 2024

    • helm-charts

      Public
      Red Canary's Public Helm Chart Repository
      Smarty
      BSD 3-Clause "New" or "Revised" License
      1100Updated Jul 31, 2024Jul 31, 2024

    • redcanary-ebpf-sensor

      Public
      Red Canary's eBPF Sensor
      sensorebpfedr-solutions
      C
      GNU General Public License v2.0
      149800Updated Jul 5, 2024Jul 5, 2024

    • redcanary-response-utils

      Public
      Tools to automate and/or expedite response.
      security-toolsedr
      Python
      MIT License
      3611362Updated Jul 5, 2024Jul 5, 2024

    • ansible-atomic-red-team

      Public
      This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam
      Shell
      MIT License
      32402Updated Jul 4, 2024Jul 4, 2024

    • AtomicTestHarnesses

      Public
      Public Repo for Atomic Test Harness
      PowerShell
      BSD 3-Clause "New" or "Revised" License
      4624702Updated Jul 4, 2024Jul 4, 2024

    • gh-action-publish-gem-on-tag

      Public
      A Github action for publishing to the package registry on tag pushes
      Shell
      6100Updated Jul 4, 2024Jul 4, 2024

    • rtlshtree

      Public
      C++
      BSD 3-Clause "New" or "Revised" License
      2300Updated Jul 4, 2024Jul 4, 2024

    • ebpfmon

      Public
      Go
      BSD 3-Clause "New" or "Revised" License
      48300Updated Jul 4, 2024Jul 4, 2024

    • openapi

      Public
      Public API clients for connecting to the Red Canary APIs
      Python
      MIT License
      6703Updated Jul 4, 2024Jul 4, 2024

    • vscode-attack

      Public
      Visual Studio Code extension for MITRE ATT&CK
      TypeScript
      BSD 3-Clause "New" or "Revised" License
      125253Updated Jul 3, 2024Jul 3, 2024

    • mac-monitor

      Public
      Red Canary Mac Monitor is an advanced, stand-alone system monitoring tool tailor-made for macOS security research. Beginning with Endpoint Security (ES), it collects and enriches system events, displaying them graphically, with an expansive feature set designed to reduce noise.
      macosswiftswiftuiendpoint-security
      Swift
      4491590Updated Jul 3, 2024Jul 3, 2024

    • exploit-primitive-playground

      Public
      C
      MIT License
      145800Updated Jul 3, 2024Jul 3, 2024

    • chain-reactor

      Public
      Chain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.
      linuxsecurityelfmitresecurity-testingmitre-attackadversary-simulation
      C
      MIT License
      3328832Updated Jul 3, 2024Jul 3, 2024

    • oxidebpf

      Public archive
      A Rust library for managing eBPF programs.
      ebpfrust-crate
      Rust
      BSD 3-Clause "New" or "Revised" License
      1211400Updated Feb 26, 2024Feb 26, 2024

    • homebrew-cask

      Public
      🍻 A CLI workflow for the administration of macOS applications distributed as binaries
      Ruby
      BSD 2-Clause "Simplified" License
      11k000Updated Jun 30, 2023Jun 30, 2023

    • timescale

      Public archive
      The timescaledb gem. Pack of helpers to work with TimescaleDB extension in Ruby.
      Ruby
      MIT License
      18001Updated Jan 18, 2023Jan 18, 2023

    • Azure-Sentinel

      Public archive
      Cloud-native SIEM for intelligent security analytics for your entire enterprise.
      Jupyter Notebook
      MIT License
      3k6015Updated Aug 23, 2022Aug 23, 2022

    • protobuf

      Public archive
      Protocol Buffers - Google's data interchange format
      C++
      Other
      15k102Updated May 13, 2022May 13, 2022

    • cbconnect-2019

      Public archive
      Ruby
      2703Updated Apr 4, 2022Apr 4, 2022

    • cb-event-forwarder

      Public archive
      Subscribe to raw Carbon Black event feed and forward to another system, such as Splunk, etc.
      JavaScript
      Other
      44801Updated Feb 17, 2021Feb 17, 2021

    • public-research

      Public archive
      Public repository for Red Canary Research
      securitysecurity-research
      C
      MIT License
      103300Updated Oct 29, 2020Oct 29, 2020

    • zendesk_api_client_rb

      Public archive
      Official Ruby Zendesk API Client
      Ruby
      Apache License 2.0
      183400Updated Aug 31, 2020Aug 31, 2020

    • wwhf

      Public archive
      Exercises for C# Workshop at Wild West Hackin' Fest 2018 & 2019.
      HTML
      206400Updated Oct 28, 2019Oct 28, 2019

    • cb-response-smb1-utility

      Public archive
      A simple utility to check the status of and/or disable SMBv1 on Windows system via Cb Response's Live Response functionality.
      Python
      MIT License
      71510Updated May 28, 2019May 28, 2019

    • activerecord5-redshift-adapter

      Public archive
      Ruby
      Other
      153100Updated May 22, 2019May 22, 2019

    • client_ruby

      Public archive
      Prometheus instrumentation library for Ruby applications
      Ruby
      Apache License 2.0
      149100Updated Jun 19, 2018Jun 19, 2018