Digging Deeper....
Slips, a free software behavioral Python intrusion prevention system (IDS/IPS) that uses machine learning to detect malicious behaviors in the network traffic. Stratosphere Laboratory, AIC, FEL, CVUT in Prague.
List of real-world threats against endpoint protection software
Collection of tools you need to have in your Endpoint Detection and Response arsenal
Palo Alto Networks App for Splunk leverages the data visibility provided by Palo Alto Networks next-generation firewalls and endpoint security with Splunk's extensive investigation and visualization capabilities to deliver an advanced security reporting and analysis tool.
The Palo Alto Networks Add-on for Splunk allows a Splunk® Enterprise or Splunk Cloud administrator to collect data from Palo Alto Networks Next-Generation Firewall devices and Advanced Endpoint Protection.
This repository includes source code for Nanny-I for Linux. We're pleased to have you join our project.
This project contains a collection of admin and malicious binaries. It is intended to be used for antivirus and EDR acceptance (criteria) testing.
LibICAP implementation of the RFC3507
OGTTrust: Real-time USB monitoring and keystroke behavior analysis tool built with .NET 10 and WPF. Detects suspicious device activity and automated injection attacks with an async event-driven architecture and a modern dark-theme UI.
Enterprise-grade Firewall + Antivirus + Anti-Rootkit. Free. AI-Powered. Community hub for bug reports, YARA rules, and browser extension.
Secure, one-file, easy to understand and install, zero-dependency, cross-platform Endpoint Detection & Response security tool
Zero-Trust Cloud Platform using AWS, Terraform, Docker, Kubernetes, and serverless automation. Includes IaC, containerized microservices, Lambda incident response, WAF & VPC security, Prometheus/Grafana observability, and CI/CD workflow. Fully documented for demo and learning purposes.
🛡️ High-performance, standalone antivirus in pure C#. Zero dependencies, zero bloat, Shannon entropy heuristics, and real-time monitoring.
Automated SentinelOne deployment script for macOS using Workspace ONE UEM and Munki.
Automated Windows 10/11 security hardening PowerShell script implementing defence-in-depth controls based on NIST, CIS, and Microsoft security baselines. Features include advanced firewall rules, ASR deployment, BitLocker enforcement, network protocol lockdown, exploit mitigation, and rollback-safe operations for enterprise or standalone deployment
Multi-channel behavioral noise generator for stress-testing surveillance classifiers
Unofficial Docker image for Velociraptor, an endpoint visibility and collection tool.
PowerShell scripts for automated detection and remediation of configuration drift on Windows endpoints via Microsoft Intune.