Defensive Origins (DefensiveOrigins)


A research, consulting, and educational organization founded to assist businesses and non-profits manage and build their Information Security Knowledge Capital

Location: Black Hills, South Dakota

Home Page: https://www.defensiveorigins.com

Twitter: @DefensiveOGs

Defensive Origins's repositories

APT06202001

Applied Purple Teaming - (ITOCI4hr) - Infrastructure, Threat Optics, and Continuous Improvement - June 6, 2020

AtomicPurpleTeam

Atomic Purple Team Framework and Lifecycle

License: GPL-3.0 | Stargazers: 273 | Issues: 20 | Issues: 0

APT-Lab-Terraform

Purple Teaming Attack & Hunt Lab - Terraform

Language: HCL | License: GPL-3.0 | Stargazers: 157 | Issues: 12 | Issues: 7
Language: HTML | License: GPL-3.0 | Stargazers: 40 | Issues: 2 | Issues: 2

Training

Defensive Origins Training Schedule

APT-Lab-FastOpticsSetup

Scripts to threat optics stack quickly / abbreviated and automated. Run after APT-Lab-Terraform

Language: PowerShell | License: GPL-3.0 | Stargazers: 12 | Issues: 2 | Issues: 0

APT-PreReqs

Applied Purple Teaming Course Pre-Requisites

LABPACK

Various components we use in labs

Language: Roff | Stargazers: 9 | Issues: 0 | Issues: 0

SentinelKQL

Some supporting KQL queries for a blog

Stargazers: 7 | Issues: 0 | Issues: 0

OpticsBuilder

Install Threat Optics

Language: PowerShell | Stargazers: 5 | Issues: 3 | Issues: 0

BloodHound

Six Degrees of Domain Admin

Language: JavaScript | License: GPL-3.0 | Stargazers: 3 | Issues: 2 | Issues: 0

MSSentinelSysmonParser

A simple parser for Sysmon logs through EID28 for Microsoft Sentinel

License: MIT | Stargazers: 3 | Issues: 2 | Issues: 0

SILENTTRINITY

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR

Language: Boo | License: GPL-3.0 | Stargazers: 2 | Issues: 0 | Issues: 0

APT22Things

Location for a few things necessary for APT22

License: BSD-2-Clause | Stargazers: 1 | Issues: 2 | Issues: 0

BadBlood

BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is run on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.

Language: PowerShell | License: GPL-3.0 | Stargazers: 1 | Issues: 2 | Issues: 0
Language: Python | License: MIT | Stargazers: 1 | Issues: 1 | Issues: 0
Language: PowerShell | Stargazers: 1 | Issues: 4 | Issues: 0

windows-event-forwarding

A repository for using windows event forwarding for incident detection and response

Language: Roff | License: NOASSERTION | Stargazers: 1 | Issues: 2 | Issues: 0

ADD_Extras

ADD Extras

Stargazers: 0 | Issues: 0 | Issues: 0
Language: Python | License: MIT | Stargazers: 0 | Issues: 1 | Issues: 0

DomainPasswordSpray

DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!

Language: PowerShell | License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0
Language: PowerShell | Stargazers: 0 | Issues: 0 | Issues: 0

DTEsrc2022

Additional resources for DTE 2022

Language: PowerShell | Stargazers: 0 | Issues: 0 | Issues: 0

HostRecon

This function runs a number of checks on a system to help provide situational awareness to a penetration tester during the reconnaissance phase. It gathers information about the local system, users, and domain information. It does not use any 'net', 'ipconfig', 'whoami', 'netstat', or other system commands to help avoid detection.

Language: PowerShell | License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

PowerSploit

PowerSploit - A PowerShell Post-Exploitation Framework

License: NOASSERTION | Stargazers: 0 | Issues: 0 | Issues: 0

PowerTools

PowerTools is a collection of PowerShell projects with a focus on offensive operations.

License: NOASSERTION | Stargazers: 0 | Issues: 0 | Issues: 0

Responder

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.

Language: Python | License: GPL-3.0 | Stargazers: 0 | Issues: 2 | Issues: 0

sysmon-modular

A repository of sysmon configuration modules

Language: PowerShell | License: MIT | Stargazers: 0 | Issues: 2 | Issues: 0

SysmonCommunityGuide

TrustedSec Sysinternals Sysmon Community Guide

Language: CSS | Stargazers: 0 | Issues: 1 | Issues: 0