Stars
Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.
Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifyin…
GRR Rapid Response: remote live forensics for incident response
Cloud-native SIEM for intelligent security analytics for your entire enterprise.
Tools and Techniques for Blue Team / Incident Response
PowerShell Digital Forensics & Incident Response Scripts.
A utility to safely generate malicious network traffic patterns and evaluate controls.
Signatures and IoCs from public Volexity blog posts.
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
APIsec|SCAN - Free API security testing using GitHub Actions
Remote access and Antivirus Logging Database
A repository of code signing certificates known to have been leaked or stolen, then abused by threat actors
Defences against Cobalt Strike
Sysmon configuration file template with default high-quality event tracing
Situational Awareness commands implemented using Beacon Object Files
DFIQ is a collection of investigative questions and the approaches for answering them
Web browser forensics for Google Chrome/Chromium
A workshop about Malware Development
Digital Forensics artifact repository
500+ PowerShell scripts (.ps1) for every system!
Microsoft 365 Advanced Hunting Queries with hotlinks that plug the query right into your tenant
A list of books suggested by the security community to help intelligence analysts learn to think
Awesome list of keywords and artifacts for Threat Hunting sessions
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.