An EDR server designed to monitor, detect, and respond to threats on network endpoints (POC).
-
Updated
Jul 22, 2024 - Python
#
edr
Here are 62 public repositories matching this topic...
A real-world, open-source Defense-in-Depth security framework built through CI/CD in production by security professionals.
open-source security incident-response cybersecurity ids siem threat-intelligence security-framework zero-trust edr defense-in-depth deception-technology
-
Updated
Jan 8, 2025 - Python
-
Updated
Feb 23, 2021 - Python
-
Updated
Jul 3, 2023 - Python
GuardSweep is a cross-platform Endpoint Detection and Response (EDR) tool built in Python. It monitors system processes, file creation, and network connections in real-time to detect and respond to suspicious activities, helping users secure their endpoints efficiently.
-
Updated
Aug 7, 2025 - Python
A proof-of-concept Technology Add-On for Splunk that queries and indexes alerts from Generic EDR.
-
Updated
Jul 6, 2023 - Python
Local-first privacy security suite with modular EDR-like tools (AI Watchdog, NetMon, Firewall Visualizer, Crypto, Messenger, Sentinel)
-
Updated
Dec 2, 2025 - Python
Welcome to Forge-XDR-Agent, an open-source Python project that represents my personal journey in developing an Extended Detection and Response (XDR) system.
docker pytest coverage-testing cybersecurity flake8 xdr tox snyk solid-principles bandit edr cyber-threat-intelligence poetry-python
-
Updated
Sep 20, 2024 - Python
Uses the Damerau-Levenshtein distance to find suspicious tasks running on endpoints in Windows.
incident-response threat-hunting edr incident-response-tooling threathunting endpoint-detection-response
-
Updated
Feb 7, 2024 - Python
Cloudit automates compliance with evidence collection. Cloudit streamlines vulnerability tracking, audit workflows, and compliance reporting by gathering artifacts, comparing findings, and generating actionable plans—keeping your organization audit-ready at all times.
aws security jira azure gcp audit pci-dss compliance elastic grc okta atlassian jumpcloud fedramp edr iso-27001 hitrust iso-27002 tx-ramp security-evidence
-
Updated
Feb 21, 2025 - Python
Carbon Black Response - IBM BigFix connector
-
Updated
Apr 17, 2023 - Python
Musashi is a Python-based rapid triage tool that applies SIGMA rules and DL anomaly detection to endpoint logs (e.g., Defender, Cortex) for threat detection and IOC extraction. It automates log analysis, helping security analysts quickly identify suspicious activity without manual querying. 🚀
-
Updated
Feb 15, 2025 - Python
SigmaEye is a Windows process monitoring toolkit that integrates ETW and user-level monitoring with Sigma rules. It detects suspicious process behavior, LOLBins usage, and potential threats in real-time. Features include dual monitoring, DLL injection tracking, and customizable detection rules. Requires admin privileges for ETW monitoring.
etw threat-hunting dll-injection process-monitoring edr lolbins endpoint-security windows-security sigma-rules
-
Updated
Feb 22, 2025 - Python
Builds a simplified Command & Control (C2) prototype to study remote command execution and file transfer patterns, while exploring detection strategies from a defensive perspective.
python virtualbox cybersecurity threat-hunting malware-analysis network-defense socket-programming c2 command-and-control edr
-
Updated
Oct 20, 2025 - Python
A Dash app for database analysis. The app visualizes connections between tables and their metadata. Originally it was designed for inputs used in National Medical Data Integration Project
-
Updated
Nov 19, 2025 - Python
Improve this page
Add a description, image, and links to the edr topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the edr topic, visit your repo's landing page and select "manage topics."