☆24Jul 17, 2025Updated 7 months ago
Alternatives and similar repositories for presentations
Users that are interested in presentations are comparing it to the libraries listed below
Sorting:
- CoreFoundation Property List support for Go☆28Nov 7, 2017Updated 8 years ago
- A JXA script for enumerating running processes, printed out in a json, parent-child tree.☆14Jan 28, 2022Updated 4 years ago
- ☆15Sep 26, 2022Updated 3 years ago
- various slides and presentations I've worked on☆19Mar 21, 2025Updated 11 months ago
- Python3 script which decrypts files encrypted by flawed Cl0p ELF variant.☆17Feb 6, 2023Updated 3 years ago
- Headers for linking your software with ntdll.dll☆15Nov 4, 2020Updated 5 years ago
- ☆18Apr 4, 2019Updated 6 years ago
- A repository filled with ideas to break/detect direct syscall techniques☆26Apr 21, 2022Updated 3 years ago
- ☆19Nov 26, 2020Updated 5 years ago
- Manage Your Large Team of Consultants☆11Sep 18, 2025Updated 5 months ago
- Registry hive parsing the async way☆25Oct 29, 2025Updated 4 months ago
- Windows event log anomaly detection powered by ATPA technologies☆26Dec 22, 2022Updated 3 years ago
- Post-Infection Collection Toolkit☆95Jan 31, 2023Updated 3 years ago
- Event metadata collected across all manifest-based ETW providers on Window 10 1903☆31Nov 25, 2019Updated 6 years ago
- Every OS X/ macOS white paper☆114Apr 14, 2020Updated 5 years ago
- Rethinking the User Interface of AI☆32Updated this week
- public assets for ironcat emulation software ;)☆14Sep 8, 2023Updated 2 years ago
- ☆33Feb 26, 2022Updated 4 years ago
- List of legitimate macOS apps doing not great things☆35Feb 11, 2022Updated 4 years ago
- macOS XProtect definition files☆40Mar 25, 2022Updated 3 years ago
- Triaging Windows event logs based on SANS Poster☆47Nov 22, 2025Updated 3 months ago
- ☆13Nov 5, 2024Updated last year
- Mapping XProtect's obfuscated malware family names to common industry names.☆94Nov 14, 2025Updated 3 months ago
- Go Lang Portable Executable Parser☆39Mar 31, 2021Updated 4 years ago
- Use "Full Disk Access" permissions to read the contents of TCC.db and display it in human-readable format☆40Jul 27, 2021Updated 4 years ago
- Windows x64 Process Scanner to detect application compatability shims☆37Oct 17, 2018Updated 7 years ago
- Minimal C port of UTF8-CPP☆12Jun 2, 2019Updated 6 years ago
- ☆16May 13, 2021Updated 4 years ago
- An simplest PE parser, which list all import and export entries☆12Oct 11, 2018Updated 7 years ago
- Powershell to read ETL file on an interval and convert it to an EVTX (so Windows Event Forwarding can 'subscribe')☆11May 16, 2017Updated 8 years ago
- ☆12Dec 14, 2016Updated 9 years ago
- ☆19Jan 15, 2026Updated last month
- A clone of FD (File & Directory tool) by T.Shirai☆16Jan 29, 2014Updated 12 years ago
- Primarily aimed at replicating files that cannot be directly copied due to being in use.☆11Apr 22, 2024Updated last year
- Tools related to work with Attack Flow (https://github.com/center-for-threat-informed-defense/attack-flow)☆44Jun 6, 2022Updated 3 years ago
- Reading and resources lists on a variety of technical topics.☆43Oct 29, 2020Updated 5 years ago
- Talk and materials for Offensive Con presentation - Privileged Helper Tools☆47Feb 15, 2019Updated 7 years ago
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.☆43Jul 18, 2022Updated 3 years ago
- Library of threat hunts to get any user started!☆49Sep 4, 2020Updated 5 years ago