my MSTICpy practice and custom tools repository
☆11Apr 23, 2025Updated 10 months ago
Alternatives and similar repositories for MSTICPy_utils
Users that are interested in MSTICPy_utils are comparing it to the libraries listed below
Sorting:
- A curated compilation of national CERT alerts & advisories sources (for cybersecurity).☆13Sep 6, 2019Updated 6 years ago
- Wrapper for TSK (Sleuth Kit) Bindings☆12Jan 10, 2023Updated 3 years ago
- NTFS Security Descriptor Stream ($Secure:$SDS) parser☆14Jan 9, 2023Updated 3 years ago
- LNK to JSON☆14Mar 7, 2019Updated 6 years ago
- Tool to rip system and user data from OSX and macOS☆16Dec 6, 2022Updated 3 years ago
- This directory contains presentations and related materials of my speaking engagements. I also use this to record historical presentation…☆17Feb 13, 2025Updated last year
- Search Engines ADs scanner - spotting malvertising in search engines has never been easier!☆45Nov 10, 2025Updated 3 months ago
- Splunk Add-on for PowerShell provides field extraction for PowerShell event logs.☆17Feb 1, 2021Updated 5 years ago
- R-CSIRT Linux Triage tool☆39Jun 28, 2018Updated 7 years ago
- ☆42Dec 13, 2020Updated 5 years ago
- USN to JSON☆22Apr 4, 2020Updated 5 years ago
- ☆78Feb 4, 2026Updated last month
- AWS EKS Cluster Forensics☆23Aug 16, 2021Updated 4 years ago
- ☆35Jan 13, 2026Updated last month
- A visualized overview of the Initial Access Broker (IAB) cybercrime landscape☆117Oct 22, 2021Updated 4 years ago
- Python wrappers for mal_unpack☆37Sep 19, 2023Updated 2 years ago
- Backstage Parser☆33Jun 23, 2022Updated 3 years ago
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.☆37Jul 11, 2023Updated 2 years ago
- PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response.☆40Mar 18, 2022Updated 3 years ago
- ☆14Feb 6, 2026Updated last month
- Collection of useful, up to date, Carbon Black Response Queries☆84Oct 23, 2020Updated 5 years ago
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆89Feb 9, 2025Updated last year
- A small crappy script I wrote that converts the Sigma Windows Process Creation events to KQL via PySigma. Designed for CI/CD☆10Nov 7, 2023Updated 2 years ago
- Generate GSM authentication triplets (as per 3GPP TS 55.205)☆16Jan 11, 2018Updated 8 years ago
- ☆11Apr 25, 2021Updated 4 years ago
- morphHTA - Morphing Cobalt Strike's evil.HTA☆10Jun 3, 2017Updated 8 years ago
- Sample SecOps scripts and Utilities☆12Jun 19, 2024Updated last year
- Network Shredder IDS☆11Aug 14, 2024Updated last year
- multi-threaded script uses VirusTotal and AbuseIPDB APIs and generate an excel with all needed data☆10Mar 14, 2023Updated 2 years ago
- KQL queries for Microsoft Defender Advanced Hunting organized around the TTPs of the MITRE ATT&CK framework.☆18Nov 7, 2024Updated last year
- ☆43Oct 11, 2023Updated 2 years ago
- Cyber Underground General Intelligence Requirements☆98Feb 2, 2024Updated 2 years ago
- ☆16May 15, 2025Updated 9 months ago
- Lateral Movement and Data Access artifacts for Velociraptor☆17Dec 2, 2025Updated 3 months ago
- Help deobfuscate VBScript☆18Jul 1, 2022Updated 3 years ago
- Import AbuseCH IOC Feeds into MISP☆12Feb 17, 2021Updated 5 years ago
- Threat Hunting Malware Infrastructure☆11Dec 3, 2023Updated 2 years ago
- TLD records archive. Revisiting the original TLDR project by mandatoryprogrammer, on the hunt for more root nameserver changes.☆11Dec 4, 2022Updated 3 years ago
- A set of tools that allow researchers to experiment with certificate chain validation issues☆13Dec 4, 2019Updated 6 years ago