A repository for notes and references of presentations.

LotL RMM

Zero-dollar attack surface management tool

Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.

PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices.

A concise, directive, specific, flexible, and free incident response plan template

how to look for Leaked Credentials !

Creating a hardened "Blue Forest" with Server 2016/2019 Domain Controllers

A repository of detection rules, including Sigma, Suricata, and YARA Content

PowerShell script helping Incident Responders discover potential adversary persistence mechanisms.

Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made w…

KQL Queries. Microsoft Defender, Microsoft Sentinel

Awesome Security lists for SOC/CERT/CTI

Microsoft Architecture Icons compiled in PowerPoint

AIL framework - Analysis Information Leak framework

Data breaches, Leaks, Malwares Forums List <Please Use Vpn/TOR don't click on Link directly bad OPSEC>

Project based on RegRipper, to extract add'l value/pivot points from TLN events file

Automating Security Detection Engineering, published by Packt

Hunting queries and detections

An analytical challenge created to test junior analysts looking to try performing proactive and reactive cyber threat intelligence.

Okta Verify and Okta FastPass Abuse Tool

Threat Box Assessment Tool

Everything related to YARA

C2 Active Scanner

Intel Retrieval Augmented Generation (RAG) Utilities