philhagen

Phil Hagen philhagen

365 followers · 18 following

Lewes Technology Consulting, LLC
Lewes, DE
@philhagen.com
https://www.youtube.com/philhagen
in/philhagen

Achievements

x2 x3 x2

Achievements

x2 x3 x2

Highlights

sof-elk Public

Configuration files for the SOF-ELK VM

Shell 1,593 293 GNU General Public License v3.0 Updated May 30, 2025
for572-scripts Public

A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis

Shell 27 9 Updated May 28, 2025
community-id-retrofit Public

Add a community_id field to existing Zeek logs alongside all uid values for broader conversation filtering

Python GNU General Public License v3.0 Updated Jan 21, 2025
Microsoft-Extractor-Suite Public
Forked from invictus-ir/Microsoft-Extractor-Suite

A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes.

PowerShell GNU General Public License v2.0 Updated Dec 13, 2024
atomic-red-team Public
Forked from redcanaryco/atomic-red-team

Small and highly portable detection tests based on MITRE's ATT&CK.

C MIT License Updated Jul 3, 2024
pycommunityid Public
Forked from corelight/pycommunityid

A Python implementation of the Community ID flow hashing standard

Python BSD 3-Clause "New" or "Revised" License Updated Nov 28, 2023
geoip-bootstraps Public

Shell 2 1 Apache License 2.0 Updated Sep 15, 2023
arkime Public
Forked from arkime/arkime

Arkime (formerly Moloch) is an open source, large scale, full packet capturing, indexing, and database system.

JavaScript 1 Other Updated Sep 14, 2023
ja3 Public
Forked from salesforce/ja3

JA3 is a standard for creating SSL client fingerprints in an easy to produce and shareable way.

Python BSD 3-Clause "New" or "Revised" License 10000 Updated Jul 10, 2023
tcpdstat Public
Forked from netik/tcpdstat

Get protocol statistics from tcpdump pcap files (fork)

C Updated Jun 6, 2023
hassh Public
Forked from salesforce/hassh

HASSH is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints can be easily stored, searched and shared in the form of a …

Python 1 1 BSD 3-Clause "New" or "Revised" License Updated May 25, 2023
arkimeweb Public
Forked from arkime/arkimeweb

The website for arkime.com

HTML 1 Apache License 2.0 Updated May 23, 2023
daylight_tracker Public

Python 1 1 Apache License 2.0 Updated Dec 10, 2022
sansfor509 Public
Forked from dlcowen/sansfor509

Public script from SANS FOR509 Enterprise Cloud Incident Response

Python 2 GNU General Public License v2.0 Updated Sep 8, 2022
ltc-fuzzy-keyword-suggestions Public

YOURLS plugin to alleviate typos in short URLs

PHP 4 3 Updated Aug 22, 2022
timeshift Public

A python script to shift the timestamp on syslog data. Useful for forensicators combating time skew.

Python 21 5 Updated May 19, 2022
sec487.github.io Public
Forked from sec487/sec487.github.io

website

JavaScript Updated Dec 15, 2021
fail2ban Public
Forked from fail2ban/fail2ban

Daemon to ban hosts that cause multiple authentication errors

Python 1 Other Updated Dec 27, 2020
ip2geo Public

Script to perform bulk local GeoIP lookups (ASN and geo) for IP addresses

Python 100 26 Updated Jan 16, 2020
web-traffic-generator Public
Forked from ReconInfoSec/web-traffic-generator

A quick and dirty HTTP/S "organic" traffic generator.

Python 2 1 MIT License Updated Nov 7, 2019
python-github-webhooks Public
Forked from carlos-jenkins/python-github-webhooks

Simple Python WSGI application to handle Github webhooks

Python Apache License 2.0 Updated Oct 19, 2019
Cybersecurity-Pathfinders Public
Forked from MichaelTanji/Cybersecurity-Pathfinders

3 MIT License Updated Mar 30, 2019
log-login Public
Forked from SweBarre/log-login

a authentication log plugin for YOURLS

PHP 1 Updated Jan 22, 2019
bitfit Public
Forked from joswr1ght/bitfit

Recursively validate a starting directory of file contents to identify changes, corrupt data

Python MIT License Updated Jan 17, 2019
sift-saltstack Public
Forked from teamdfir/sift-saltstack

Salt States for Configuring the SIFT Workstation

Python MIT License Updated Nov 15, 2018
ja3-aggregator Public

Aggregate and normalize JA3 hash databases from multiple sources

1 GNU General Public License v3.0 Updated Oct 29, 2018
freq Public
Forked from MarkBaggett/freq

This is a repository for freq.py and freq_server.py

Python 1 Updated Jul 21, 2018
kibana-sofelkhtml-plugin Public
Forked from raystorm-place/kibana-html-plugin

Kibana HTML Widget Plugin

JavaScript Other Updated Feb 15, 2018
sift-bootstrap Public
Forked from teamdfir/sift-bootstrap

SANS Investigative Forensics Toolkit Bootstrap Script

Shell 1 1 MIT License Updated Sep 30, 2016
pptxindex Public
Forked from joswr1ght/pptxindex

Create a MS Word index file from PowerPoint notes and slides

Python MIT License Updated Sep 25, 2015

Phil Hagen philhagen

Achievements

Achievements

Highlights

sof-elk Public

Uh oh!

for572-scripts Public

Uh oh!

community-id-retrofit Public

Uh oh!

Microsoft-Extractor-Suite Public

Uh oh!

atomic-red-team Public

Uh oh!

pycommunityid Public

Uh oh!

geoip-bootstraps Public

Uh oh!

arkime Public

Uh oh!

ja3 Public

Uh oh!

tcpdstat Public

Uh oh!

hassh Public

Uh oh!

arkimeweb Public

Uh oh!

daylight_tracker Public

Uh oh!

sansfor509 Public

Uh oh!

ltc-fuzzy-keyword-suggestions Public

Uh oh!

timeshift Public

Uh oh!

sec487.github.io Public

Uh oh!

fail2ban Public

Uh oh!

ip2geo Public

Uh oh!

web-traffic-generator Public

Uh oh!

python-github-webhooks Public

Uh oh!

Cybersecurity-Pathfinders Public

Uh oh!

log-login Public

Uh oh!

bitfit Public

Uh oh!

sift-saltstack Public

Uh oh!

ja3-aggregator Public

Uh oh!

freq Public

Uh oh!

kibana-sofelkhtml-plugin Public

Uh oh!

sift-bootstrap Public

Uh oh!

pptxindex Public

Uh oh!