Hunting Malicious Macros SANS Threathunting Summit 2021 Materials
☆39 · Oct 9, 2021 · Updated 4 years ago
Alternatives and similar repositories for SANSTHS2021
Users that are interested in SANSTHS2021 are comparing it to the repositories listed below.
- NTFS file system specimens · ☆13 · May 21, 2026 · Updated last week
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example. · ☆37 · Jul 11, 2023 · Updated 2 years ago
- PowerShell Memory Pulling script · ☆19 · Mar 24, 2015 · Updated 11 years ago
- This repository hosts community contributed Kestrel huntflows (.hf) and huntbooks (.ipynb) · ☆37 · Jan 2, 2024 · Updated 2 years ago
- Interactive Shells like PsExec, but in Go · ☆16 · Apr 30, 2025 · Updated last year
- PowerShell wrapper for nmap, allows easy scanning of many hosts and subnets · ☆15 · Apr 1, 2018 · Updated 8 years ago
- QEMU with rVMI extensions · ☆25 · Jul 25, 2017 · Updated 8 years ago
- F-Secure Lightweight Acquisition for Incident Response (FLAIR) · ☆16 · Jul 5, 2021 · Updated 4 years ago
- This is a sample script showing how to parse the Talos blogs and automatically add observables to Cisco Casebook. · ☆18 · May 22, 2023 · Updated 3 years ago
- Disk Image Mounting Script · ☆11 · Jan 22, 2026 · Updated 4 months ago
- (no description) · ☆34 · Nov 16, 2023 · Updated 2 years ago
- Notepad++ Syntax Highlighting for Languages Used by Cyber Security Professionals · ☆14 · May 31, 2020 · Updated 5 years ago
- Threat Simulator for Enterprise Networks · ☆14 · May 14, 2022 · Updated 4 years ago
- (no description) · ☆12 · Oct 10, 2024 · Updated last year
- Detection Ideas & Rules repository. · ☆178 · Sep 10, 2021 · Updated 4 years ago
- SpyCore - Windows Malicious File Scanner (Distributes) · ☆14 · Jun 10, 2023 · Updated 2 years ago
- This directory contains presentations and related materials of my speaking engagements. I also use this to record historical presentation… · ☆17 · Feb 13, 2025 · Updated last year
- Custom Splunk search command to reconstruct a pstree from Sysmon process creation events (EventCode 1) · ☆24 · Mar 30, 2026 · Updated 2 months ago
- Automated Phishing Tool · ☆11 · May 27, 2020 · Updated 6 years ago
- VTC - Velociraptor Timeline Creator · ☆19 · May 15, 2024 · Updated 2 years ago
- (no description) · ☆12 · Dec 18, 2017 · Updated 8 years ago
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations" · ☆11 · Feb 6, 2025 · Updated last year
- (no description) · ☆23 · Mar 12, 2025 · Updated last year
- Stand-alone parser for User Access Logging from Server 2012 and newer systems · ☆80 · Jan 9, 2024 · Updated 2 years ago
- (no description) · ☆87 · Mar 7, 2025 · Updated last year
- Cyber Analytics Platform and Examination System (CAPES) Project Page · ☆14 · Feb 1, 2022 · Updated 4 years ago
- (no description) · ☆20 · Oct 23, 2020 · Updated 5 years ago
- A tool to display Windows Event logs as they happen. · ☆14 · Sep 19, 2023 · Updated 2 years ago
- Tool that converts text into Morse code and saves it to a wav file. · ☆15 · Oct 17, 2013 · Updated 12 years ago
- Cloud-native SIEM for intelligent security analytics for your entire enterprise. · ☆20 · Apr 4, 2023 · Updated 3 years ago
- Bunch of honey related items that spoof/decoy powersploit functions. · ☆18 · Apr 23, 2020 · Updated 6 years ago
- Scandiff is a PowerShell script to automate host discovery and scanning with nmap. After discovering and scanning hosts, scandiff perfor… · ☆18 · Oct 29, 2014 · Updated 11 years ago
- Slides and Other Resources from my latest Talks and Presentations · ☆24 · Sep 17, 2025 · Updated 8 months ago
- Serving files with conditions, serverside keying and more. · ☆18 · May 26, 2022 · Updated 4 years ago
- A developer-friendly framework for exhaustive analysis of (PCAP and PE) files. · ☆15 · Nov 6, 2017 · Updated 8 years ago
- Shellcode Injector that obtains system call opcodes using the Halo's Gate method to evade EDR Hooks. · ☆20 · Feb 2, 2022 · Updated 4 years ago
- (no description) · ☆10 · Dec 24, 2022 · Updated 3 years ago
- The purpose of these documents was to execute several efficiency and detection tests against some endpoint solutions; this document brings… · ☆19 · Dec 23, 2020 · Updated 5 years ago
- FWT is a security analysis and file monitoring tool that utilizes Sysmon events. · ☆28 · Jul 15, 2024 · Updated last year