Invictus Threat Intelligence: IOCs and TTPs from blogs, research and more
☆30 · Nov 26, 2025 · Updated 3 months ago
Alternatives and similar repositories for IOCs
Users that are interested in IOCs are comparing it to the libraries listed below
- Assess certain AWS network configurations · ☆12 · Aug 22, 2018 · Updated 7 years ago
- NTFS Security Descriptor Stream ($Secure:$SDS) parser · ☆14 · Jan 9, 2023 · Updated 3 years ago
- ☆32 · Updated this week
- Indicators of Normality · ☆11 · Jul 22, 2022 · Updated 3 years ago
- Repository with supporting materials for Invictus Academy/Training · ☆44 · Jan 3, 2025 · Updated last year
- Performing secure code review with LLMs (and vibe coding IDEs) · ☆36 · Aug 5, 2025 · Updated 7 months ago
- A public collection of detections designed to detect threats associated with the Okta WIC Platform. · ☆14 · Jan 5, 2026 · Updated 2 months ago
- ☆21 · May 8, 2022 · Updated 3 years ago
- Cleo Unrestricted file upload and download PoC (CVE-2024-50623) · ☆25 · Dec 11, 2024 · Updated last year
- A recon tool for GCP Service Account Keys that requires no permissions · ☆27 · Apr 14, 2025 · Updated 10 months ago
- A tool for fetching DFIR and other GitHub tools. · ☆25 · Aug 2, 2025 · Updated 7 months ago
- Quick ESXi Log Parser · ☆29 · Oct 20, 2025 · Updated 4 months ago
- Manage Your Large Team of Consultants · ☆11 · Sep 18, 2025 · Updated 5 months ago
- MAES: M365 Analyzer & Extractor Suite Po · ☆33 · Feb 14, 2026 · Updated 2 weeks ago
- Caterpillar is a security scanning library for AI agent skill files (e.g., Claude Code skills) for dangerous or malicious behavior · ☆33 · Feb 16, 2026 · Updated 2 weeks ago
- TIM is a Kusto investigation platform that enables a user to quickly pivot between data sources; annotate their findings; and promotes co… · ☆23 · Aug 7, 2024 · Updated last year
- Sample evtx files to use for testing hayabusa detection rules · ☆65 · Nov 5, 2025 · Updated 4 months ago
- lnk_parser is a full rust implementation to parse windows LNK files · ☆23 · Feb 17, 2026 · Updated 2 weeks ago
- Proof-of-Concept exploits for CVE-2017-11882 · ☆41 · Jan 2, 2018 · Updated 8 years ago
- ☆105 · Dec 9, 2025 · Updated 2 months ago
- A public repository of MITRE ATT&CK TTP mappings by BushidoUK for OSINT reports that lack a section breaking down the TTPs. · ☆27 · Mar 20, 2025 · Updated 11 months ago
- Python library to query various sources of threat intelligence for data on domains, file hashes, and IP addresses. · ☆31 · Nov 6, 2023 · Updated 2 years ago
- Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's · ☆64 · Dec 18, 2024 · Updated last year
- ☆72 · Oct 24, 2025 · Updated 4 months ago
- A collection of methods to learn who the owner of an IP address is. · ☆224 · Sep 29, 2025 · Updated 5 months ago
- Cloudformation Template and Lambda to detect if Instance Profile credentials are being used outside your AWS Account. · ☆29 · Aug 18, 2019 · Updated 6 years ago
- Putting a leash on naughty AWS permissions · ☆135 · Sep 5, 2025 · Updated 6 months ago
- A collection of CVEs weaponized by ransomware operators · ☆130 · Oct 13, 2025 · Updated 4 months ago
- A tool for AWS incident response, that allows for enumeration, acquisition and analysis of data from AWS environments for the purpose of … · ☆198 · Jan 6, 2026 · Updated last month
- Hands-on MCP security lab: 10 real incidents reproduced with vulnerable/secure MCP servers, pytest regressions, and Claude/Cursor battle-… · ☆83 · Dec 3, 2025 · Updated 3 months ago
- ☆30 · Jan 13, 2026 · Updated last month
- ☆33 · Feb 26, 2022 · Updated 4 years ago
- Finding ClickFix and FakeCAPTCHA like it's 1999 · ☆121 · Updated this week
- Automatic/Custom Destinations & LNK (MS-SHLLINK) Browser · ☆44 · Feb 21, 2026 · Updated last week
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering. · ☆80 · Jan 6, 2026 · Updated last month
- When good OAuth apps go rogue. Documents observed OAuth application tradecraft · ☆84 · Jan 30, 2026 · Updated last month
- This tool parses Windows EVTX logs to extract login and logout sessions from a security.evtx file. It uses a Tkinter GUI to let you selec… · ☆31 · Feb 22, 2025 · Updated last year
- Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs. · ☆168 · Dec 7, 2025 · Updated 2 months ago
- Repository containing task solutions and an incident description - RedShift190 · ☆10 · Dec 26, 2023 · Updated 2 years ago