tsale / Intrusion_data
This repository is created to store the artifacts for any intrusions I share publicly.
☆23Updated last year
Related projects: ⓘ
- A tool to support the reporting of Authenticode Certificates by reducing the effort on individuals to report.☆22Updated 3 weeks ago
- ESXi Cyber Security Incident Response Script☆19Updated 2 weeks ago
- The ultimate solution for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.☆21Updated 3 weeks ago
- Azure function to insert MISP data in to Azure Sentinel☆30Updated last year
- Remote access and Antivirus Logging Database☆39Updated 4 months ago
- Placeholder for my detection repo and misc detection engineering content☆43Updated 10 months ago
- ☆42Updated 3 months ago
- Parses USB connection artifacts from offline Registry hives☆50Updated last week
- Slides of my public talks☆46Updated 9 months ago
- ShellSweeping the evil.☆49Updated 3 months ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆66Updated 9 months ago
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation☆65Updated last month
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365☆18Updated 6 months ago
- ☆48Updated last year
- This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam☆23Updated 2 months ago
- Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.☆34Updated 9 months ago
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…☆24Updated 9 months ago
- Expose a lot of MDE telemetry that is not easily accessible in any searchable form☆93Updated 2 months ago
- Test case indexes☆35Updated 2 months ago
- Sigma detection rules for hunting with the threathunting-keywords project☆47Updated 2 weeks ago
- A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX.☆15Updated 6 months ago
- Collection of scripts/resources/ideas for attack surface reduction and additional logging to enable better threat hunting on Windows endp…☆38Updated 5 months ago
- An exercise to practice deobfuscating PowerShell Scripts.☆27Updated last year
- pySigma Splunk backend☆33Updated 5 months ago
- Baseline a Windows System against LOLBAS☆22Updated 4 months ago
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆74Updated 3 weeks ago
- simple webapp for converting sigma rules into siem queries using the pySigma library☆47Updated last year
- A collection of Sigma rules organized by MITRE ATT&CK technique☆15Updated 3 years ago
- Contains compiled binaries of Volatility☆28Updated 2 months ago
- ☆19Updated last year