Stars
Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.
GoResolver is a Go analysis tool using both Go symbol extraction and Control Flow Graph (CFG) similarity to identify and resolve the function symbols of an obfuscated Go binary.
Malware repository component for samples & static configuration with REST API interface.
CLI tools for forensic investigation of Windows artifacts
Find, list, and inspect processes from Go (golang).
Anti Virtualization, Anti Debugging, AntiVM, Anti Virtual Machine, Anti Debug, Anti Sandboxie, Anti Sandbox, VM Detect package. Windows ONLY.
Sample queries and data as part of the Microsoft Press book, The Definitive Guide to KQL
Forensic toolkit for iOS sysdiagnose feature
A centralized and enhanced memory analysis platform
DFIR project to collect and analyze events in Google Workspace
☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud
A query aggregator for OSINT based threat hunting
NapierOne. A Publicly Available Modern Mixed File Data Set. The data set is suitable for a variety of testing scenarios such as Ransomware testing, Malware testing, forensic testing, file compressi…
BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world.…
Neo-reGeorg is a project that seeks to aggressively refactor reGeorg
Exploit for EfsPotato (MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privilege escalation vulnerability).
Microsoft SharePoint Server Elevation of Privilege Vulnerability
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
A small tool built to find and fix common misconfigurations in Active Directory Certificate Services.
Binary instrumentation framework based on FRIDA