Abdullah Baghuth's starred repositories
dnsmonster
Passive DNS Capture and Monitoring Toolkit
passivedns
A network sniffer that logs all DNS server replies for use in a passive DNS setup
gopassivedns
PassiveDNS in Go
C2-Tracker
Live Feed of C2 servers, tools, and botnets
adversary_emulation_library
An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
misp-docker
A production-ready Dockerized MISP
gcp-two-tier
VM-Series templates for Google Cloud Platform
owa-honeypot
A basic Flask-based Outlook Web honeypot
yara-forge
Automated YARA Rule Standardization and Quality Assurance Tool
SigRemover
Utility to remove the digital code signature from binary PE files in Windows.
ChopChopGo
Rapidly Search and Hunt through Linux Forensics Artifacts
audit2json
Convert auditd logs to JSON format
ThreatHunting
An informational repo about hunting for adversaries in your IT environment.
EmailHarvester
Email address harvester
detection-validation
Detection rule validation
SysmonSimulator
Sysmon event simulation utility that blue teams can use to simulate attacks and generate Sysmon event logs for testing EDR detections and correlation rules.
Sentinel-Queries
Collection of KQL queries
FalconFriday
Hunting queries and detections
Theattacker-Crypter
Tool to evade antivirus with different techniques