FalconFriday (Public)
Forked from FalconForceTeam/FalconFriday: Hunting queries and detections
BSD 3-Clause "New" or "Revised" License. Updated Jun 28, 2024

ROADtools (Public)
Forked from dirkjanm/ROADtools: A collection of Azure AD/Entra tools for offensive and defensive security purposes
Python. MIT License. Updated Jun 25, 2024

kestrel-huntbook (Public)
Forked from opencybersecurityalliance/kestrel-huntbook: This repository hosts community-contributed Kestrel huntflows (.hf) and huntbooks (.ipynb)
Jupyter Notebook. Other license. Updated May 8, 2023

legacy-sigmatools (Public)
Forked from SigmaHQ/legacy-sigmatools: Legacy Sigma Tools (sigmac etc.)
Python. GNU Lesser General Public License v3.0. Updated May 7, 2023

AIMOD2 (Public)
Forked from darkquasar/AIMOD2: Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proactively identify, engage and prevent cyber threats denying or…
Other license. Updated May 1, 2023

sigma-cli (Public)
Forked from SigmaHQ/sigma-cli: The Sigma command line interface based on pySigma
Python. Updated Apr 30, 2023

dir2json (Public)
Forked from bitsadmin/dir2json: Tool for efficient directory enumeration
C#. BSD 3-Clause "New" or "Revised" License. Updated Apr 3, 2023

Hunting-Queries-Detection-Rules (Public)
Forked from Bert-JanP/Hunting-Queries-Detection-Rules: Defender for Endpoint and Azure Sentinel hunting and detection queries in KQL. Out-of-the-box KQL queries for Advanced Hunting, Custom Detection, Analytics Rules and Hunting Rules.
Updated Dec 28, 2022

Locksmith (Public)
Forked from jakehildreth/Locksmith: A tiny tool to identify and remediate common misconfigurations in Active Directory Certificate Services
PowerShell. Other license. Updated Dec 27, 2022

dissect (Public)
Forked from fox-it/dissect: This project is a meta package; it installs all other Dissect modules with the right combination of versions.
Python. GNU Affero General Public License v3.0. Updated Oct 4, 2022

LinuxCatScale (Public)
Forked from WithSecureLabs/LinuxCatScale: Incident response collection and processing scripts with automated reporting scripts
Shell. GNU General Public License v3.0. Updated May 31, 2022

EVTX-ATTACK-SAMPLES (Public)
Forked from sbousseaden/EVTX-ATTACK-SAMPLES: Windows event attack samples
HTML. GNU General Public License v3.0. Updated Feb 19, 2022

SharpShares (Public)
Forked from mitchmoser/SharpShares: Multithreaded C# .NET assembly to enumerate accessible network shares in a domain
C#. MIT License. Updated Sep 21, 2021

mvt (Public)
Forked from mvt-project/mvt: MVT is a forensic tool to look for signs of infection in smartphone devices
Python. Other license. Updated Jul 21, 2021

CAPE (Public)
Forked from ctxis/CAPE: Malware Configuration And Payload Extraction
Python. Updated Apr 2, 2021

BloodHound (Public)
Forked from SpecterOps/BloodHound-Legacy: Six Degrees of Domain Admin
PowerShell. GNU General Public License v3.0. Updated Mar 30, 2021

windows-event-forwarding (Public)
Forked from palantir/windows-event-forwarding: A repository for using Windows Event Forwarding for incident detection and response
Roff. Other license. Updated Mar 29, 2021

uac (Public)
Forked from tclahr/uac: UAC (Unix-like Artifacts Collector) is a live response collection tool for incident response that makes use of built-in tools to automate the collection of Unix-like system artifacts. Supported sys…
Shell. Apache License 2.0. Updated Feb 23, 2021

Dumpert (Public)
Forked from outflanknl/Dumpert: LSASS memory dumper using direct system calls and API unhooking.
C. Updated Jan 5, 2021

openedr (Public)
Forked from ComodoSecurity/openedr: Open EDR public repository
C++. Other license. Updated Dec 16, 2020

SIEM (Public)
Forked from TonyPhipps/SIEM: SIEM Tactics, Techniques, and Procedures
GNU General Public License v3.0. Updated Dec 11, 2020

jarm (Public)
Forked from salesforce/jarm
Python. BSD 3-Clause "New" or "Revised" License. Updated Nov 17, 2020

CobaltStrikeScan (Public)
Forked from Apr4h/CobaltStrikeScan: Scan files or process memory for Cobalt Strike beacons and parse their configuration
C#. Updated Oct 18, 2020