0xThiebaut

Maxime Thiebaut's repositories

sigmai

Import specific data sources into the Sigma generic and open signature format.

Language:GoEUPL-1.277 100

PCAPeek

A proof-of-concept re-assembler for reverse VNC traffic.

Language:GoEUPL-1.224 30

Signatures

🚧 Currently transfering TLP:CLEAR rules from TLP:AMBER repository...

Language:YARANOASSERTION22 3 1

mdeproxy

Microsoft Defender for Endpoint Proxy (Device Timeline, ...)

Language:GoEUPL-1.23 10

IDA

⚙️ Things I used in IDA...

Language:C1 20

BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active D

Language:PowerShellGPL-3.0010

CCCS-Yara

YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA

Language:PythonMIT010

CVE-2021-44228

CVE-2021-44228 Response Scripts

Language:Python030

CyberChef

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

Language:JavaScriptApache-2.0010

DefenderHarvester

Expose a lot of MDE telemetry that is not easily accessible in any searchable form

MIT000

DidierStevensSuite

Please no pull requests for this repository. Thanks!

Language:Python010

freebsd-src

The FreeBSD src tree publish-only repository. Experimenting with 'simple' pull requests....

NOASSERTION000

grammes

A Go package built to communicate with Apache TinkerPop™ Graph computing framework using Gremlin; a graph traversal language used by graph databases such as JanusGraph®, MS Cosmos DB, AWS Neptune, and DataStax® Enterprise Graph.

Language:GoApache-2.0010

janusgraph-docker

JanusGraph Docker images

Language:ShellNOASSERTION010

malduck

:duck: Malduck is your ducky companion in malware analysis journeys

Language:PythonGPL-3.0010

mwdb-core

Malware repository component for samples & static configuration with REST API interface.

Language:PythonNOASSERTION000

opnsense

OPNsense plugin collection

Language:PHPBSD-2-Clause010

opnsense-docs

OPNsense documentation

Language:PythonNOASSERTION000

signature-base

YARA signature and IOC database for my scanners and tools

Language:YARANOASSERTION010

speakeasy

Windows kernel and user mode emulation.

Language:PythonMIT010

SQLiteHunter

Hunt for SQLite files used by various applications

Language:GoAGPL-3.0010

The-DFIR-Report-Sigma

The DFIR Report's Sigma Rules

GPL-3.0000

Tools

Tools and scripts

Language:PythonEUPL-1.2020

velociraptor

Digging Deeper....

Language:GoNOASSERTION010

volatility3

Volatility 3.0 development

Language:PythonNOASSERTION010

vyos-1x

VyOS command definitions, scripts, and utilities

Language:PythonLGPL-2.1000

vyos-build

VyOS image build scripts

Language:PythonGPL-2.0000

XSOAR

Demisto is now Cortex XSOAR. Automate and orchestrate your Security Operations with Cortex XSOAR's ever-growing Content Repository. Pull Requests are always welcome and highly appreciated!

Language:PythonMIT010

yara

The pattern matching swiss knife

Language:CBSD-3-Clause010

Zipit

A Firefox extension to encrypt files downloaded through Microsoft 365 Defender's Live Response Sessions.

Language:TypeScriptEUPL-1.203 1