infosecB / LOOBins

Related projects: ⓘ

• naksyn / Pyramid
  a tool to help operate in EDRs' blind spots
  ☆639Updated 5 months ago
• volexity / threat-intel
  Signatures and IoCs from public Volexity blog posts.
  ☆307Updated last month
• The-DFIR-Report / Sigma-Rules
  Rules generated from our investigations.
  ☆186Updated last month
• CrowdStrike / SuperMem
  A python script developed to process Windows memory images based on triage type.
  ☆259Updated 9 months ago
• idnahacks / GoodHound
  Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.
  ☆444Updated 2 months ago
• scythe-io / purple-team-exercise-framework
  Purple Team Exercise Framework
  ☆584Updated 8 months ago
• mthcht / ThreatHunting-Keywords
  Awesome list of keywords and artifacts for Threat Hunting sessions
  ☆436Updated 2 weeks ago
• vectra-ai-research / MAAD-AF
  MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).
  ☆350Updated last week
• NextronSystems / ransomware-simulator
  Ransomware simulator written in Golang
  ☆401Updated 2 years ago
• layer8secure / SilentHound
  Quietly enumerate an Active Directory Domain via LDAP parsing users, admins, groups, etc.
  ☆475Updated last year
• garrettfoster13 / sccmhunter
  ☆633Updated this week
• fr0gger / IATelligence
  IATelligence is a Python script that will extract the IAT of a PE file and request GPT to get more information about the API and the ATT&…
  ☆347Updated last year
• claroty / arya
  Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.
  ☆238Updated last year
• k1nd0ne / VolWeb
  A centralized and enhanced memory analysis platform
  ☆355Updated 2 weeks ago
• warhorse / warhorse
  Infrastructure Automation
  ☆311Updated 5 months ago
• CCob / okta-terrify
  Okta Verify and Okta FastPass Abuse Tool
  ☆279Updated 2 weeks ago
• randomaccess3 / Awesome-BEC
  Repository of attack and defensive information for Business Email Compromise investigations
  ☆216Updated 3 weeks ago
• mttaggart / wtfbins
  WTF are these binaries doing?! A list of benign applications that mimic malicious behavior.
  ☆149Updated 6 months ago
• stuhli / awesome-event-ids
  Collection of Event ID ressources useful for Digital Forensics and Incident Response
  ☆578Updated 3 months ago
• BloodHoundAD / BARK
  BloodHound Attack Research Kit
  ☆470Updated 3 weeks ago
• iknowjason / AutomatedEmulation
  An automated Breach and Attack Simulation lab with terraform. Built for IaC stability, consistency, and speed.
  ☆152Updated 2 months ago
• trustedsec / The_Shelf
  Retired TrustedSec Capabilities
  ☆218Updated last week
• malcomvetter / Periscope
  ☆359Updated this week
• mttaggart / blue-jupyter
  Jupyter Notebooks for the Blue Team
  ☆139Updated last year
• Cyb3r-Monk / RITA-J
  Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.
  ☆192Updated 2 years ago
• executemalware / Malware-IOCs
  ☆503Updated last month
• cr0nx / awesome-linux-attack-forensics-purplelabs
  This page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.
  ☆121Updated last year
• evild3ad / MemProcFS-Analyzer
  MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR
  ☆485Updated this week
• jamf / aftermath
  Aftermath is a free macOS IR framework
  ☆467Updated 3 months ago
• dwmetz / CyberPipe
  An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.
  ☆266Updated 3 weeks ago