2igosha / sunburst_dga
☆22Updated 3 years ago
Related projects: ⓘ
- Light System Examination Toolkit (LISET) - logs & activity & configuration gathering utility that comes handy in fast Windows incident re…☆27Updated 8 years ago
- The mission of Black Lotus Labs is to leverage our network visibility to both help protect customers and keep the internet clean.☆11Updated 3 years ago
- Yara rules☆18Updated last year
- Speaking materials from conferences I've given☆9Updated 2 years ago
- Presentation materials for talks I've given.☆20Updated 4 years ago
- A rogue DNS detector☆23Updated 11 months ago
- LetMeOutOfYour.net Resources☆19Updated 4 years ago
- ☆12Updated 3 years ago
- A list of IOCs applicable to PoshC2☆23Updated 4 years ago
- ☆16Updated 7 years ago
- Scripts to help hunt for possible golden/silver TGT tickets☆16Updated 7 years ago
- The project is called GreatSCT (Great Scott). GreatSCT is an open source project to generate application white list bypasses. This tool i…☆28Updated 6 years ago
- A collection of threat intelligence data such as IOC, Yara and Snort/Suricata Rules etc.☆10Updated 5 years ago
- ☆14Updated 6 years ago
- An extendable tool to extract and aggregate IoCs from threat feeds☆32Updated 7 months ago
- This is a repository for the public blog with Labs indicators of compromise.☆10Updated 4 years ago
- Threat hunting with EQL and Bro. This repo contains modifications to EQL and EQLLib to use BRO logs.☆8Updated 5 years ago
- C# User Simulation☆33Updated last year
- various slides and presentations I've worked on☆18Updated 6 months ago
- Useful Windows and AD tools☆15Updated 2 years ago
- Screenshot Shenanigans☆24Updated 6 years ago
- A PowerShell script to prevent Sysmon from writing its events☆14Updated 4 years ago
- YARA Rule Strings Statistics Calculator and Malware Research Helper☆11Updated 3 years ago
- A mini project to exfiltrate data via QR codes☆19Updated 5 months ago
- Forked and updated with some additional features over the original☆16Updated 3 years ago
- Repository of Information sharing on threats and indicators☆12Updated 4 years ago
- s3eker is an extensible way to find open S3 buckets.☆17Updated 4 years ago
- ☆12Updated 6 years ago
- Fake SMB and SAMR data☆10Updated 4 years ago