Michael Haag (MHaggis)

Company: @Splunk

Twitter: @M_haggis

Michael Haag's repositories

sysmon-dfir

Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.

CBR-Queries

Collection of useful, up to date, Carbon Black Response Queries

notes

Full of public notes and utilities

Language: HTML | Stargazers: 78 | Issues: 7 | Issues: 0

ShellSweep

ShellSweeping the evil.

Language: PowerShell | License: Apache-2.0 | Stargazers: 51 | Issues: 5 | Issues: 1

ASRGEN

ASR Configurator, Essentials and Atomic Testing

Language: Python | License: Apache-2.0 | Stargazers: 31 | Issues: 2 | Issues: 0

sigZap

SigZap is a Streamlit application designed to facilitate the search across multiple network signature sets at once.

Language: Python | License: Apache-2.0 | Stargazers: 4 | Issues: 2 | Issues: 0

AppLockerGen

AppLocker Policy Generator

Language: Python | License: Apache-2.0 | Stargazers: 3 | Issues: 3 | Issues: 1

UltimateAppLockerByPassList

The goal of this repository is to document the most common techniques to bypass AppLocker.

Language: PowerShell | Stargazers: 3 | Issues: 2 | Issues: 0

atomic-red-team

Small and highly portable detection tests based on MITRE's ATT&CK.

Language: PowerShell | License: MIT | Stargazers: 2 | Issues: 3 | Issues: 0

amsi-tracer

Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc.) passed into AMSI during dynamic execution.

Language: C++ | License: GPL-3.0 | Stargazers: 1 | Issues: 3 | Issues: 0

attack_range

A tool that allows you to create vulnerable, instrumented local or cloud environments to simulate attacks against, and to collect the resulting data into Splunk.

Language: HTML | License: Apache-2.0 | Stargazers: 1 | Issues: 2 | Issues: 0

LLM

LLM tools and toys

Language: Python | License: Apache-2.0 | Stargazers: 1 | Issues: 2 | Issues: 0

tomcat-jmxproxy-rce-exp

Apache Tomcat JMXProxy RCE

Language: Go | License: Apache-2.0 | Stargazers: 1 | Issues: 1 | Issues: 0

AtomicLua

A combination of OffensiveLua and Learning Lua - By Defenders, for Defenders

Language: C | License: Apache-2.0 | Stargazers: 0 | Issues: 1 | Issues: 0

AtomicTestHarnesses

Public Repo for Atomic Test Harness

Language: PowerShell | License: BSD-3-Clause | Stargazers: 0 | Issues: 2 | Issues: 0

attack_range_local

Build an attack range on your local machine

Language: HTML | License: Apache-2.0 | Stargazers: 0 | Issues: 2 | Issues: 0

BlackLotus

BlackLotus UEFI Windows Bootkit

Language: C | Stargazers: 0 | Issues: 1 | Issues: 0

CVE-2024-4040

Scanner for CVE-2024-4040

Language: Python | Stargazers: 0 | Issues: 0 | Issues: 0

DrvLoader

A post-exploitation utility for loading signed kernel drivers, using both the undocumented NtLoadDriver function and direct interaction with the Windows Service Control Manager (SCM)

Language: C++ | Stargazers: 0 | Issues: 1 | Issues: 0

gdrv-loader

Kernel driver loader that uses a vulnerable Gigabyte driver (https://www.secureauth.com/labs/advisories/gigabyte-drivers-elevation-privilege-vulnerabilities) to load an unsigned driver

Language: C | Stargazers: 0 | Issues: 1 | Issues: 0

HackerArt

A collection of art inspired by the world of cybersecurity and hacking culture.

Language: HTML | Stargazers: 0 | Issues: 1 | Issues: 0

mockbin

Mock, test and track HTTP requests and responses for microservices

Language: JavaScript | License: MIT | Stargazers: 0 | Issues: 1 | Issues: 0

sigma

Generic Signature Format for SIEM Systems

Language: Python | License: NOASSERTION | Stargazers: 0 | Issues: 1 | Issues: 0

signature-base

YARA signature and IOC database for my scanners and tools

Language: YARA | License: NOASSERTION | Stargazers: 0 | Issues: 1 | Issues: 0

SnakeMalware

Scripts and References for Snake Malware

Language: PowerShell | License: Apache-2.0 | Stargazers: 0 | Issues: 2 | Issues: 0