Stars
KQL queries for Microsoft Defender and Microsoft Sentinel
My OPML export from FreshRSS with my paid subscription feeds removed
Using Full Flash Update files to speed up Windows Deployment
AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
Threat Hunting Toolkit is a Swiss Army knife for threat hunting, log processing, and security-focused data science
reconFTW is a tool that performs automated reconnaissance of a target domain by running a curated set of tools for scanning and vulnerability discovery
External monitoring for organization assets
The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!
AttackSurfaceMapper is a tool that aims to automate the reconnaissance process.
ASOC, ASPM, DevSecOps and vulnerability management using ArcherySec
In-depth attack surface mapping and asset discovery
Curated list of open-source & paid Attack Surface Monitoring (ASM) tools.
Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel.
A vulnerability scanner for container images and filesystems
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
Zui is a powerful desktop application for exploring and working with data. The official front-end to the Zed lake.
Advanced Wazuh Rules for more accurate threat detection. Feel free to implement within your own Wazuh environment, contribute, or fork!
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.
A curated repository of incident response playbooks
This script generates a groups.xml file that mimics a real Group Policy Preferences (GPP) item in order to create a new local user on domain-joined computers
Repository for the Zero Trust Assessment project
A solution for collecting, correlating and visualizing multiple types of logs to help investigate security incidents.