Defence Against the Dark Arts
☆34Sep 15, 2019Updated 6 years ago
Alternatives and similar repositories for defensive-scripts
Users that are interested in defensive-scripts are comparing it to the libraries listed below
Sorting:
- ☆12Dec 16, 2016Updated 9 years ago
- A list of Splunk queries that I've collected and used over time.☆93Nov 3, 2020Updated 5 years ago
- Netwitness Maltego integration Project☆18May 9, 2017Updated 8 years ago
- MasterParser is a simple, all-in-one, digital forensics artifact parser☆24Jul 9, 2021Updated 4 years ago
- Splunk code (SPL) for serious threat hunters and detection engineers.☆291Jan 15, 2024Updated 2 years ago
- Collection of Splunking Tools, SPL Code and Resources☆15Jan 30, 2025Updated last year
- a port made of honey for blocking people☆13Jun 24, 2020Updated 5 years ago
- A PoC backdoor that uses Gmail as a C&C server☆13Jun 28, 2020Updated 5 years ago
- VMDK Forensic Artifact Extractor (VFAE) is windows based tool written in C++ that extracts files with a known location from VMDK images r…☆17Aug 7, 2015Updated 10 years ago
- irCRpull is a PowerShell script utilized to pull several system artifacts, utilizing the free tool CrowdResponse, from a live Win7+ syste…☆14Mar 25, 2015Updated 10 years ago
- Cowrie SSH/Telnet Honeypot http://cowrie.readthedocs.io☆13Jun 25, 2020Updated 5 years ago
- Disk Image Mounting Script☆11Jan 22, 2026Updated 2 months ago
- Virus Total Lookup Script☆14Aug 18, 2015Updated 10 years ago
- Cobalt Strike/C2 Servers☆13Apr 22, 2021Updated 4 years ago
- Threat Simulator for Enterprise Networks☆14May 14, 2022Updated 3 years ago
- A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab.☆22Apr 16, 2021Updated 4 years ago
- PyVelociraptor contains the python bindings for the Velociraptor API.☆21Feb 11, 2026Updated last month
- Creates an ATT&CK Navigator map of an Adversary Emulation Plan☆17Sep 4, 2021Updated 4 years ago
- Basic file metadata gathering script☆21Apr 16, 2025Updated 11 months ago
- FIles and guides related to using Elasticstack as a SIEM☆12May 16, 2020Updated 5 years ago
- ☆20Nov 22, 2016Updated 9 years ago
- Ghidra consonance and make it more ida-ish☆16Mar 11, 2019Updated 7 years ago
- gtfobin checker☆11Oct 25, 2020Updated 5 years ago
- ☆115Jan 31, 2024Updated 2 years ago
- Registry timestamp manipulation☆18Feb 26, 2014Updated 12 years ago
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise☆68Apr 29, 2024Updated last year
- Incident response teams usually working on the offline data, collecting the evidence, then analyze the data☆46Jan 2, 2022Updated 4 years ago
- Carve $MFT records from a chunk of data (for instance a memory dump)☆16Aug 21, 2016Updated 9 years ago
- Parsers and scenarios to allow CrowdSec to ban threat actors caught by NAXSI WAF on a OPNSense firewall deployment.☆19Oct 21, 2022Updated 3 years ago
- Automate SSH communication with firewalls, switches, etc.☆27Mar 29, 2018Updated 7 years ago
- Command line $MFT record decoder☆12May 20, 2017Updated 8 years ago
- CrowdSec bouncer to use custom scripts☆15Nov 27, 2025Updated 3 months ago
- The Stamus Networks App for Splunk allows Splunk Enterprise users to extract information and insights from both the Stamus Security Plat…☆13Jan 7, 2026Updated 2 months ago
- ☆11Jan 28, 2025Updated last year
- $MFT parser (from live systems or a copy of the $MFT) and raw file copy utility☆38Jul 18, 2024Updated last year
- Case and custom plate designs for Willy pcb by SquashKB and AlphaWilly pcb by KiserDesigns☆11Nov 29, 2023Updated 2 years ago
- Invoke-LiveResponse☆150Feb 22, 2022Updated 4 years ago
- Artifact collection tool for *nix systems☆213Mar 20, 2024Updated 2 years ago
- List of Red Team Resources☆17Jun 16, 2020Updated 5 years ago