darkoperator / ThreatHunter-Playbook
A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns by leveraging Windows Events and Sysmon logs.
☆12Updated 8 years ago
Alternatives and similar repositories for ThreatHunter-Playbook:
Users that are interested in ThreatHunter-Playbook are comparing it to the libraries listed below
- A powershell script that prints a lot of IP and connection info to the screen☆31Updated 8 years ago
- A simple tool to detect NBT-NS and LLMNR spoofing (and messing with them a bit)☆36Updated 6 years ago
- Collection of scripts and tools that I created to aid in my testing.☆14Updated 3 years ago
- Light System Examination Toolkit (LISET) - logs & activity & configuration gathering utility that comes handy in fast Windows incident re…☆29Updated 8 years ago
- A collection of scripts that I've written while pentesting.☆31Updated 6 years ago
- Web Filter External Enumeration Tool (WebFEET)☆76Updated 10 years ago
- Fingerprint a web app using local files as the fingerprint sources☆38Updated 7 years ago
- RisingSun: Decoding SUNBURST C2 to identify infected hosts without network telemetry.☆10Updated 4 years ago
- ☆33Updated 3 months ago
- ☆18Updated last year
- C&C to deliver files and shuttle command execution instructions between an external actor and an internal agent with the help of Firefox …☆38Updated 2 years ago
- MacOS incident Response Toolkit. Mostly written while stuck on a NJTransit train.☆20Updated 5 years ago
- A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.☆14Updated 6 years ago
- Script to parse multiple Nmap .gnmap exports into various plain-text formats for easy analysis.☆24Updated 11 years ago
- NetRipper - Smart traffic sniffing for penetration testers☆17Updated 9 years ago
- ☆35Updated 5 years ago
- ☆21Updated 2 years ago
- Acheron is a RESTful vulnerability assessment and management framework built around search and dedicated to terminal extensibility.☆32Updated 2 years ago
- Parses Java Cache IDX files☆39Updated 7 years ago
- Official Black Hat Arsenal Security Tools Repository☆21Updated 7 years ago
- Python-based CLI Password Analyser (Reporting Tool)☆33Updated 3 years ago
- Plugins to add funtionality to ProcDOT. http://www.procdot.com☆23Updated last year
- The Shodan monitoring tools allows you to monitor shodan listed servers basis on the filter you provided☆33Updated 3 years ago
- Force-Directed Graph Generator for Volatility Ouputs☆26Updated 6 years ago
- Gunslinger is used to hunt for Magecart sites using URLScan's API☆31Updated 3 years ago
- This repo is dedicated to all my tricks, tweaks and modules for testing and hunting threats. This repo contains multiple directories whic…☆56Updated 7 years ago
- This tool aims at automating the identification of potential service running behind ports identified manually either through manual scan …☆50Updated 4 years ago
- Create an incident response triage toolkit for use with Windows or Linux.☆17Updated 4 years ago
- My pentest cheat sheet☆15Updated 8 years ago
- ☆22Updated 4 years ago