KaanSK

followers

following

stars

Incident Response | SecOps

Estonia

https://kaankaradag.com

Kaan Sadik Karadag's starred repositories

pulsar

A modular and blazing fast runtime security tool for the IoT, powered by eBPF.

Language:RustNOASSERTION86300

pocketbase

Open Source realtime backend in 1 file

Language:GoMIT3618500

alerting-detection-strategy-framework

A framework for developing alerting and detection strategies for incident response.

MIT63700

bore

🕳 bore is a simple CLI tool for making tunnels to localhost

Language:RustMIT823500

laurel

Transform Linux Audit logs for SIEM usage

Language:RustGPL-3.066600

mquery

YARA malware query accelerator (web frontend)

Language:PythonAGPL-3.040400

teler

Real-time HTTP Intrusion Detection

Language:GoApache-2.0299400

msticpy

Microsoft Threat Intelligence Security Tools

Language:PythonNOASSERTION171900

dragonfly

A modern replacement for Redis and Memcached

Language:C++NOASSERTION2452700

go_api_boilerplate

🐶Go (Golang)🚀REST / GraphQL API + Postgres boilerplate

Language:GoMIT14400

awesome_Threat-Hunting

A curated list of the most important and useful resources about Threat Detection,Hunting and Intelligence.

ransomware-simulator

Ransomware simulator written in Golang

Language:GoMIT39200

misp-tip-of-the-week

A collection of tips for using MISP.

Language:Jupyter Notebook7400

threatbus

🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.

Language:PythonBSD-3-Clause25800

go-zero

A cloud-native Go microservices framework with cli tool for productivity.

Language:GoMIT2829300

issue-dashboard

A customizable dashboard for GitHub issues and pull requests, using GitHub Pages and GitHub Actions

Language:TypeScriptMIT5200

tfsec

Tfsec is now part of Trivy

Language:GoMIT661300

go-dependency-injection-example

An example to demonstrate the dependency injection pattern in Go

Language:Go7900

waybackurls

Fetch all the URLs that the Wayback Machine knows about for a domain

Language:Go328800

Arjun

HTTP parameter discovery suite.

Language:PythonAGPL-3.0499700

DDexec

A technique to run binaries filelessly and stealthily on Linux by "overwriting" the shell's process with another.

Language:ShellGPL-3.078400

tetragon

eBPF-based Security Observability and Runtime Enforcement

Language:GoApache-2.0342800

SecCon-Framework

Security configuration is complex. With thousands of group policies available in Windows, choosing the “best” setting is difficult. It’s not always obvious which permutations of policies are required to implement a complete scenario, and there are often unintended consequences of some security lockdowns. The SECCON Baselines divide configuration into Productivity Devices and Privileged Access Workstations. This document will focus on Productivity Devices (SECCON 5, 4, and 3). Microsoft’s current guidance on Privileged Access Workstations can be found at http://aka.ms/cyberpaw and as part of the Securing Privileged Access roadmap found at http://aka.ms/privsec.

CC-BY-4.027600

IRM-deprecated

Incident Response Methodologies

NOASSERTION102100

weron

Overlay networks based on WebRTC.

Language:GoAGPL-3.0176700

dfirt

Collect information of Windows PC when doing incident response

Language:PowerShell24100

hayabusa

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

Language:RustGPL-3.0206900

q

A tiny command line DNS client with support for UDP, TCP, DoT, DoH, DoQ and ODoH.

Language:GoGPL-3.0157900

bubbletea

A powerful little TUI framework 🏗

Language:GoMIT2545500

Sentinel-Queries

Collection of KQL queries

MIT133400