Beast code in Giters

0x9f99's starred repositories

attack_range

A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk

Language:JinjaApache-2.0202700

alerting-detection-strategy-framework

A framework for developing alerting and detection strategies for incident response.

MIT64000

gost

GO Simple Tunnel - a simple tunnel written in golang

Language:GoMIT378900

wazuh

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

Language:CNOASSERTION970400

awesome-threat-detection

✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️

349300

attack-stix-data

STIX data representing MITRE ATT&CK

Language:PythonNOASSERTION30800

Aurora-Incident-Response

Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders

Language:JavaScriptApache-2.074400

atc-data

Actionable data for Security Operations

Language:PythonApache-2.01800

Microsoft-365-Defender-Hunting-Queries

Sample queries for Advanced hunting in Microsoft 365 Defender

Language:Jupyter NotebookMIT189100

cve

Gather and update all available and newest CVEs with their PoC.

Language:HTMLMIT631100

w5

Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台，无需编写代码的安全自动化，使用 SOAR 可以让团队工作更加高效

Language:PythonGPL-3.0147200

Security-Datasets

Re-play Security Events

Language:PowerShellMIT157500

OSSEM

Open Source Security Events Metadata (OSSEM)

Language:PythonMIT122000

ATTACK-Python-Client

Python Script to access ATT&CK content available in STIX via a public TAXII server

Language:PythonBSD-3-Clause55300

sysmon-modular

A repository of sysmon configuration modules

Language:PowerShellMIT257100

awesome-incident-response

A curated list of tools for incident response

Apache-2.0737700

top25-parameter

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

NOASSERTION166300

goblin

一款适用于红蓝对抗中的仿真钓鱼系统

Language:GoGPL-3.0140500

vscan

开源、轻量、快速、跨平台的网站漏洞扫描工具，帮助您快速检测网站安全隐患。功能端口扫描(port scan) 指纹识别(fingerprint) 漏洞检测(nday check) 智能爆破 (admin brute) 敏感文件扫描(file fuzz)

Language:GoBSD-3-Clause140600

detection-rules

Language:PythonNOASSERTION186100

sigma

Main Sigma Rule Repository

Language:PythonNOASSERTION789200

AtomicPurpleTeam

Atomic Purple Team Framework and Lifecycle

GPL-3.027700

car

Cyber Analytics Repository

Language:PythonApache-2.088600

adversary_emulation_library

An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

Language:CApache-2.0161200

bmc-tools

RDP Bitmap Cache parser

Language:PythonCECILL-2.145000

WebLogic-Shiro-shell

WebLogic利用CVE-2020-2883打Shiro rememberMe反序列化漏洞，一键注册蚁剑filter内存shell

Language:Java52900

spp

A simple and powerful proxy

Language:GoMIT81200

Phant0m

Windows Event Log Killer

Language:C173400

nuclei-templates

Community curated list of templates for the nuclei engine to find security vulnerabilities.

Language:JavaScriptMIT868500

ant-design

An enterprise-class UI design language and React UI library

Language:TypeScriptMIT9125400