Red Teaming & Pentesting checklists for various engagements

Scripts and tools for use with Microsoft products/technologies

Top-like interface for container metrics

A monitor of resources

A cat(1) clone with wings.

Awesome Security lists for SOC/CERT/CTI

Iconic font aggregator, collection, & patcher. 3,600+ icons, 50+ patched fonts: Hack, Source Code Pro, more. Glyph collections: Font Awesome, Material Design Icons, Octicons, & more

Investigate malicious Windows logon by visualizing and analyzing Windows event log

Warning lists to inform users of MISP about potential false-positives or other information in indicators

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

DNS-Blocklists: For a better internet - keep the internet clean!

Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.

The Azure Active Directory Incident Response PowerShell module provides a number of tools, developed by the Azure Active Directory Product Group in conjunction with the Microsoft Detection and Resp…

Collaborative forensic timeline analysis

Public script from SANS FOR509 Enterprise Cloud Incident Response

🤖🏴‍☠️ radare2 plugin for GPT-4 🦜. Solve crackmes automatically 🪄

An encyclopedia for offensive and defensive security knowledge in cloud native technologies.

Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel.

Notebook from my "Guardians of Identity: OKTA’s Underworld" talk at Jupyterthon

This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.

A repository of code signing certificates known to have been leaked or stolen, then abused by threat actors

Zeek-Formatted Threat Intelligence Feeds

Python for Security and Networking, Published by Packt

Practical Threat Detection Engineering, Published by Packt

WinMerge is an Open Source differencing and merging tool for Windows. WinMerge can compare both folders and files, presenting differences in a visual text format that is easy to understand and handle.

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as wel…

A cli tool to automatically download and upload advent of code problems.

ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit logs and to perform automated forensic analysis on the audit …