referefref / sinon
Automation tool for Windows Deception Host Burn-In
☆71Updated 2 months ago
Related projects: ⓘ
- God Mode Detection Rules☆130Updated last month
- A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you com…☆159Updated 5 months ago
- ☆60Updated 6 months ago
- Leveraging MISP indicators via a pDNS-based infrastructure as a poor man’s SOC.☆48Updated 2 weeks ago
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation☆65Updated last month
- Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indi…☆91Updated 2 months ago
- VirtualGHOST Detection Tool☆84Updated 3 months ago
- Explore the GOAD Active Directory lab in 5 minutes with Adalanche☆33Updated 8 months ago
- When good OAuth apps go rogue. Documents observed OAuth application tradecraft☆34Updated 2 weeks ago
- ☆79Updated last month
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…☆145Updated this week
- Permiso Security has created a tool to query snowflake environments for evidence of compromise, based on indicators from Permiso and the …☆57Updated 2 months ago
- ForgeArmory provides TTPs that can be used with the TTPForge (https://github.com/facebookincubator/ttpforge).☆84Updated last week
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…☆108Updated 5 months ago
- An automated Breach and Attack Simulation lab with terraform. Built for IaC stability, consistency, and speed.☆152Updated 2 months ago
- Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with …☆112Updated 2 months ago
- Repository that contains a set of purposefully erroneous Yara rules.☆47Updated 8 months ago
- Anvilogic Forge☆80Updated this week
- The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C…☆200Updated 9 months ago
- Canary Detection☆159Updated 5 months ago
- ☆68Updated this week
- Slides of my public talks☆46Updated 9 months ago
- AHHHZURE is an automated deployment script that creates a vulnerable Azure cloud lab for offensive security practitioners and enthusiasts…☆99Updated 4 months ago
- Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations☆73Updated last month
- WolfPack combines the capabilities of Terraform and Packer to streamline the deployment of red team redirectors on a large scale.☆116Updated last month
- Jupyter Univere is a search engine for all infosec jupyter notebooks☆19Updated 2 months ago
- A comprehensive knowledge base for security professionals to keep track of and build defenses against API attack techniques.☆13Updated last week
- quicmap is a simple yet quic (!) QUIC protocol scanner☆79Updated 6 months ago
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.☆147Updated 3 months ago
- Expose a lot of MDE telemetry that is not easily accessible in any searchable form☆93Updated 2 months ago