Hestat

Hestat

DFIR-orensicator, Sys-Admin and overall infosec learner

74 followers · 5 following

Achievements

ossec-sysmon Public archive

A Ruleset to enhance detection capabilities of Ossec using Sysmon

dfir sysmon ossec wazuh

PowerShell 93 22 Updated Apr 13, 2022
velociraptor Public
Forked from Velocidex/velociraptor

Digging Deeper....

Go Other Updated May 6, 2021
cobaltstrike Public
Forked from Te-k/cobaltstrike

Code and yara rules to detect and analyze Cobalt Strike

Python MIT License Updated May 5, 2021
lw-yara Public

Yara Ruleset for scanning Linux servers for shells, spamming, phishing and other webserver baddies

signature dfir yara-rules malware-detection lw-yara

YARA 101 34 GNU General Public License v3.0 Updated Mar 4, 2021
calamity Public

A script to assist in processing forensic RAM captures for malware triage

dfir malware-analysis volatility memory-forensics

Shell 27 7 GNU General Public License v3.0 Updated Feb 4, 2021
grab_beacon_config Public
Forked from whickey-r7/grab_beacon_config

Lua Updated Dec 18, 2020
wdatp-hunts Public

Updated Dec 17, 2020
misp-scripts Public

Shell Updated Sep 16, 2020
Chimera Public
Forked from tokyoneon/Chimera

Chimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.

PowerShell 1 Updated Sep 1, 2020
soc-threat-hunting Public

Repo of python/bash scripts for identifying IoC's in threat feed and other online tools

Python 27 9 GNU General Public License v3.0 Updated Jul 27, 2020
intel-sharing Public

Repository of Information sharing on threats and indicators

12 1 Updated Mar 21, 2020
ShellPop Public
Forked from 0x00-0x00/ShellPop

Pop shells like a master.

Python MIT License Updated Apr 2, 2019
atomic-red-team Public
Forked from redcanaryco/atomic-red-team

Small and highly portable detection tests based on MITRE's ATT&CK.

PowerShell MIT License Updated Dec 11, 2018
blazescan Public archive

Blazescan is a linux webserver malware scanning and incident response tool, with built in support for cPanel servers, but will run on any linux based server.

bash incident-response dfir scanning yara-integrated cpanel-servers malware-detection

Shell 60 13 GNU General Public License v3.0 Updated Nov 10, 2018
minerchk Public archive

Bash script to Check for malicious Cryptomining

dfir mining cryptocurrency malware-detection

Shell 38 11 Apache License 2.0 Updated Aug 19, 2018
sitrep Public

Shell Updated Jul 28, 2018
Cortex-Analyzers Public
Forked from TheHive-Project/Cortex-Analyzers

Cortex Analyzers Repository

Python 1 GNU Affero General Public License v3.0 Updated Jul 24, 2018
ClamAV-CortexAnalyzer Public

Analyzer for TheHive Cortex Soc platform. Allows you to run observables against default and custom ClamAV rules.

dfir clamav thehive cortex yara-integrated

Python 5 2 GNU Affero General Public License v3.0 Updated Jul 24, 2018
dnscat2-powershell Public
Forked from lukebaggett/dnscat2-powershell

A Powershell client for dnscat2, an encrypted DNS command and control tool.

PowerShell Updated Jul 20, 2018
liquid Public

Shell 1 1 Updated Jul 6, 2018
CTRU Public

5B12
Linux Connection Tracking Utility

Shell 1 Updated Jun 19, 2018
cryptojacking-scanner Public

Python scanner for scanning websites for crypto-jacking miners.

Python 6 2 Updated Jun 15, 2018
vt.py Public

Python 2 1 Updated Jun 5, 2018
drupal-check Public

Tool to dive Apache logs for evidence of exploitation of CVE-2018-7600

Shell 2 2 Updated May 8, 2018

Hestat

Achievements

Achievements

ossec-sysmon Public archive

Uh oh!

velociraptor Public

Uh oh!

cobaltstrike Public

Uh oh!

lw-yara Public

Uh oh!

calamity Public

Uh oh!

grab_beacon_config Public

Uh oh!

wdatp-hunts Public

Uh oh!

misp-scripts Public

Uh oh!

Chimera Public

Uh oh!

soc-threat-hunting Public

Uh oh!

intel-sharing Public

Uh oh!

ShellPop Public

Uh oh!

atomic-red-team Public

Uh oh!

blazescan Public archive

Uh oh!

minerchk Public archive

Uh oh!

sitrep Public

Uh oh!

Cortex-Analyzers Public

Uh oh!

ClamAV-CortexAnalyzer Public

Uh oh!

dnscat2-powershell Public

Uh oh!

liquid Public

Uh oh!

CTRU Public

Uh oh!

cryptojacking-scanner Public

Uh oh!

vt.py Public

Uh oh!

drupal-check Public

Uh oh!