Starred repositories
A collection of sources of documentation, as well as field best practices, to build/run a SOC
Repository containing examples to play with access tokens and JWTs
Tools and technical write-ups describing attacking techniques that rely on concealing code execution on Windows
Understanding the operation and limitations of Sysmon's events
The Definitive Guide To Process Cloning on Windows
Source code and examples for PassiveAggression
A forensic tool for parsing Restart Manager database
huntandhackett / dissect.target
Forked from fox-it/dissect.target. The Dissect module tying all other Dissect modules together. It provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collecti…
A console tool for inspecting Windows Ancillary Function Driver sockets
A highly customizable Changelog Generator that follows Conventional Commit specifications ⛰️
A resource containing all the tools each ransomware gang uses
Repository where I hold random detection and threat hunting queries that I come up with based on different sources of information (or even inspiration).
A multi-threaded PDF password cracking utility equipped with commonly encountered password format builders and dictionary attacks.
Simple pure PowerShell POC to bypass Entra / Intune Compliance Conditional Access Policy
World's most advanced database DevSecOps solution for Developer, Security, DBA and Platform Engineering teams. The GitHub/GitLab for database DevSecOps.
This is a repository of vendor-agnostic workflows provided for those interested in deploying Security Orchestration, Automation, and Response capabilities within their organizations.
Automated Evilginx phishlet creator extension for Burp Suite
Signature based honeypot detector tool written in Golang
A list of Free Software network services and web applications which can be hosted on your own servers
A collection of scripts for assessing Microsoft Azure security
A little tool to play with Azure Identity - Azure and Entra ID lab creation tool. Blog: https://medium.com/@iknowjason/sentinel-for-purple-teaming-183b7df7a2f4
KQL Queries. Microsoft Defender, Microsoft Sentinel
This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.