Sysmon ModularA repository of sysmon configuration modules
Stars: ✭ 1,229 (+471.63%)
Sentinel AttackTools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Stars: ✭ 676 (+214.42%)
LolbasLiving Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Stars: ✭ 3,810 (+1672.09%)
AttackdatamapA datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework
Stars: ✭ 264 (+22.79%)
LolbasLiving Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Stars: ✭ 1,506 (+600.47%)
dummyDLLUtility for hunting UAC bypasses or COM/DLL hijacks that alerts on the exported function that was consumed.
Stars: ✭ 35 (-83.72%)
ad-privileged-auditProvides various Windows Server Active Directory (AD) security-focused reports.
Stars: ✭ 42 (-80.47%)
GDPatrolA Lambda-powered Security Orchestration framework for AWS GuardDuty
Stars: ✭ 50 (-76.74%)
MicrosoftWontFixListA list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))
Stars: ✭ 854 (+297.21%)
Gray hat csharp codeThis repository contains full code examples from the book Gray Hat C#
Stars: ✭ 301 (+40%)
Wadcoms.github.ioWADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.
Stars: ✭ 431 (+100.47%)
Repo SupervisorScan your code for security misconfiguration, search for passwords and secrets. 🔍
Stars: ✭ 482 (+124.19%)
OSINTBookmarksOSINT Bookmarks for Firefox / Chrome / Edge / Safari
Stars: ✭ 34 (-84.19%)
NIST-to-TechAn open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Stars: ✭ 61 (-71.63%)
Blue-Team-NotesYou didn't think I'd go and leave the blue team out, right?
Stars: ✭ 899 (+318.14%)
gtfoSearch for Unix binaries that can be exploited to bypass system security restrictions.
Stars: ✭ 88 (-59.07%)
goblin一款适用于红蓝对抗中的仿真钓鱼系统
Stars: ✭ 844 (+292.56%)
ShuffleShuffle: A general purpose security automation platform platform. We focus on accessibility for all.
Stars: ✭ 424 (+97.21%)
ir scriptsincident response scripts
Stars: ✭ 17 (-92.09%)
ThreathuntingA Splunk app mapped to MITRE ATT&CK to guide your threat hunts
Stars: ✭ 738 (+243.26%)
1earn个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 776 (+260.93%)
SnoopSnoop — инструмент разведки на основе открытых данных (OSINT world)
Stars: ✭ 886 (+312.09%)
Hacker ezinesA collection of electronic hacker magazines carefully curated over the years from multiple sources
Stars: ✭ 72 (-66.51%)
Atomic Red Team Intelligence C2ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.
Stars: ✭ 87 (-59.53%)
MalwarepersistencescriptsA collection of scripts I've written to help red and blue teams with malware persistence techniques.
Stars: ✭ 103 (-52.09%)
BlueTeam.LabBlue Team detection lab created with Terraform and Ansible in Azure.
Stars: ✭ 82 (-61.86%)
github-watchmanMonitoring GitHub for sensitive data shared publicly
Stars: ✭ 60 (-72.09%)
SWELFSimple Windows Event Log Forwarder (SWELF). Its easy to use/simply works Log Forwarder and EVTX Parser. Almost in full release here at https://github.com/ceramicskate0/SWELF/releases/latest.
Stars: ✭ 23 (-89.3%)
TA-Sysmon-deployDeploy and maintain Symon through the Splunk Deployment Sever
Stars: ✭ 31 (-85.58%)
MurMurHashThis little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
Stars: ✭ 79 (-63.26%)
1earnffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 3,715 (+1627.91%)
qradarUnofficial third-party scripts, playbooks, and content for IBM QRadar & QRadar Community Edition.
Stars: ✭ 53 (-75.35%)
rhqRecon Hunt Queries
Stars: ✭ 66 (-69.3%)
Opensource-Endpoint-MonitoringThis repository contains all the config files and scripts used for our Open Source Endpoint monitoring project.
Stars: ✭ 30 (-86.05%)
Gitlab WatchmanMonitoring GitLab for sensitive data shared publicly
Stars: ✭ 127 (-40.93%)
Pidense🍓📡🍍Monitor illegal wireless network activities. (Fake Access Points), (WiFi Threats: KARMA Attacks, WiFi Pineapple, Similar SSID, OPN Network Density etc.)
Stars: ✭ 358 (+66.51%)
SigmaGeneric Signature Format for SIEM Systems
Stars: ✭ 4,418 (+1954.88%)
Gtfobins.github.ioGTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
Stars: ✭ 6,030 (+2704.65%)
DetectionlabAutomate the creation of a lab environment complete with security tooling and logging best practices
Stars: ✭ 3,237 (+1405.58%)
LogontracerInvestigate malicious Windows logon by visualizing and analyzing Windows event log
Stars: ✭ 1,914 (+790.23%)
Invoke ApexA PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.
Stars: ✭ 162 (-24.65%)
PezorOpen-Source PE Packer
Stars: ✭ 561 (+160.93%)
Attack ToolsUtilities for MITRE™ ATT&CK
Stars: ✭ 810 (+276.74%)
TheharvesterE-mails, subdomains and names Harvester - OSINT
Stars: ✭ 6,175 (+2772.09%)
UltimateapplockerbypasslistThe goal of this repository is to document the most common techniques to bypass AppLocker.
Stars: ✭ 1,186 (+451.63%)
ThreathuntThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.
Stars: ✭ 92 (-57.21%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+15206.51%)
CypherothAutomated, extensible toolset that runs cypher queries against Bloodhound's Neo4j backend and saves output to spreadsheets.
Stars: ✭ 179 (-16.74%)
Slack WatchmanMonitoring your Slack workspaces for sensitive information
Stars: ✭ 159 (-26.05%)
Deploy DeceptionA PowerShell module to deploy active directory decoy objects.
Stars: ✭ 109 (-49.3%)
Threathunter PlaybookA Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.
Stars: ✭ 2,879 (+1239.07%)
Vast🔮 Visibility Across Space and Time
Stars: ✭ 227 (+5.58%)
SlackpirateSlack Enumeration and Extraction Tool - extract sensitive information from a Slack Workspace
Stars: ✭ 512 (+138.14%)
Information Security TasksThis repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions
Stars: ✭ 108 (-49.77%)
Remote Desktop CachingThis tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.
Stars: ✭ 171 (-20.47%)
WhidsOpen Source EDR for Windows
Stars: ✭ 188 (-12.56%)