Prometheus's repositories
artifacts
Digital Forensics artifact repository
bootloaders
bootloaders.io is a curated list of known malicious bootloaders for various operating systems. The project aims to assist security professionals in staying informed and mitigating potential threats associated with bootloaders.
detection-rules
Rules for Elastic Security's detection engine
DetectionLab
Automate the creation of a lab environment complete with security tooling and logging best practices
DFIRMindMaps
A repository of DFIR-related Mind Maps geared towards visual learners!
emoji-cheat-sheet
A markdown version of the emoji cheat sheet
EVTX-to-MITRE-Attack
Set of EVTX samples (>170) mapped to MITRE ATT&CK tactics and techniques, to measure your SIEM coverage or develop new use cases.
GRFICSv2
Version 2 of the Graphical Realism Framework for Industrial Control Simulation (GRFICS)
iris-web
Incident Response collaborative platform
laurel
Transform Linux Audit logs for SIEM usage
malware-samples
Malware samples, analysis exercises and other interesting resources.
mimikatz
A little tool to play with Windows security
MindMaps
#ThreatHunting #DFIR #Malware #Detection Mind Maps
nerd-fonts
Iconic font aggregator, collection, & patcher. 3,600+ icons, 50+ patched fonts: Hack, Source Code Pro, more. Glyph collections: Font Awesome, Material Design Icons, Octicons, & more
PSPKIAudit
PowerShell toolkit for AD CS auditing based on the PSPKI toolkit.
RemotePotato0
Just another "Won't Fix" Windows Privilege Escalation from User to Domain Admin.
reverse-engineering-journal
anything I find interesting regarding reverse engineering
SentinelKQL
Azure Sentinel KQL
sigma
Generic Signature Format for SIEM Systems
sysmon-cheatsheet
All sysmon event types and their fields explained
sysmon-configs
Various complete configs
sysmon-modular
A repository of sysmon configuration modules
SysmonCommunityGuide
TrustedSec Sysinternals Sysmon Community Guide
Ultimate-RAT-Collection
For educational purposes only, samples of old & new malware builders including screenshots!
unleashed-firmware
Flipper Zero Unleashed Firmware
vulnerable-AD
Create a vulnerable Active Directory that allows you to test most Active Directory attacks in a local lab
warpdrive
Useful tools to drive personal daily work.
Zircolite
A standalone SIGMA-based detection tool for EVTX.