darkoperator / ThreatHunter-PlaybookLinks
A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns by leveraging Windows Events and Sysmon logs.
☆12Updated 8 years ago
Alternatives and similar repositories for ThreatHunter-Playbook
Users that are interested in ThreatHunter-Playbook are comparing it to the libraries listed below
Sorting:
- PowerShell Memory Pulling script☆19Updated 10 years ago
- PowerShell script to retreive wifi ESSIDs and Passwords.☆26Updated 8 years ago
- A bunch of scripts I use to work with urlscan.io☆35Updated 6 years ago
- A script for generating custom passphrase lists to be used for password cracking with hashcat rules☆81Updated 7 years ago
- Python-based CLI Password Analyser (Reporting Tool)☆32Updated 4 years ago
- This repo is dedicated to all my tricks, tweaks and modules for testing and hunting threats. This repo contains multiple directories whic…☆57Updated 7 years ago
- ☆30Updated 7 years ago
- Identify compromised domains or emails. A python based HIBP and HackedEmails wrapper☆38Updated 7 years ago
- A simple tool to detect NBT-NS and LLMNR spoofing (and messing with them a bit)☆36Updated 6 years ago
- Web Filter External Enumeration Tool (WebFEET)☆77Updated 11 years ago
- rules to identify files containing juicy information like usernames, passwords etc☆127Updated 7 years ago
- Various Python scripts that have come in handy but aren't important enough to get their own repository☆22Updated 4 years ago
- Python script to batch query the Tor Relays and Bridges☆36Updated 6 years ago
- Gunslinger is used to hunt for Magecart sites using URLScan's API☆31Updated 3 years ago
- A python script to query the MITRE ATT&CK API for tactics, techniques, mitigations, & detection methods for specific threat groups.☆67Updated 7 years ago
- RisingSun: Decoding SUNBURST C2 to identify infected hosts without network telemetry.☆10Updated 4 years ago
- ☆18Updated 2 years ago
- tools for analyzing strings from password lists☆58Updated 3 years ago
- malicious file maker/sender to create and send malicious attachments to test your email filter/alerting☆70Updated 8 years ago
- A collection of scripts that I've written while pentesting.☆31Updated 7 years ago
- Security Operations Center Multiple Purpose Tool, takes IP address input, conducts OSINT, conducts splunk, bro, fireeye, imperva, and fir…☆22Updated 8 years ago
- A few transforms and a machine for parsing Nmap XML results☆39Updated 9 years ago
- PortPlow is a distributed port and system scanning & enumeration service. It enables the quick and automated enumeration of ports and ser…☆55Updated last year
- Six Degrees of Domain Admin☆15Updated 8 years ago
- Powershell Empire Persistence finder☆120Updated 8 years ago
- FireEye iSIGHT Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform☆16Updated 7 years ago
- Script to automate, manage, and multithread Nikto scans.☆63Updated 5 years ago
- PowerShell Scripting Expert repository, contains template code for security and administrative scripting, largely derived through taking …☆87Updated 6 years ago
- PurpleSpray is an adversary simulation tool that executes password spray behavior under different scenarios and conditions with the purpo…☆51Updated 6 years ago
- ☆81Updated 6 years ago