PaddlingCode

hayabusa

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

terraform-best-practices

Terraform Best Practices for AWS users

adversary_emulation_library

An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

AIL-framework

AIL framework - Analysis Information Leak framework. Project moved to https://github.com/ail-project

TeamsPhisher

Send phishing messages and attachments to Microsoft Teams users

dissect

Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic artefacts from various disk and file formats, developed by Fox-IT (part of NCC Group).

sccmhunter

ail-framework

AIL framework - Analysis Information Leak framework

LOOBins

Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" macOS binaries and how they can be used by threat actors for malicious purposes.

domain-protect

OWASP Domain Protect - prevent subdomain takeover

awesome-llm-cybersecurity-tools

A curated list of large language model tools for cybersecurity research.

caOptics

CA Optics - Azure AD Conditional Access Gap Analyzer

overlay

Overlay is a browser extension helping developers evaluate open source packages before picking them

rcATT

A python app to predict Att&ck tactics and techniques from cyber threat reports

pythonista-chromeless

Serverless selenium which dynamically execute any given code.

rba

RBA is Splunk's method to aggregate low-fidelity security events as interesting observations tagged with security metadata to create high-fidelity, low-volume alerts.

aep

Adversary Emulation Planner

library

Collection of original report and metadata files that are used by ORKL

HookPhish

HookPhish is a Python script designed to aid in the detection of phishing websites

dgad

DGA Detective - Hunt domains generated by Domain Generation Algorithms to identify malware traffic

Akamaru

Sniffing out well-known threat groups

ail-training

AIL project training materials

docker-binaryexploitation

Docker container that has all the CLI tooling for binary exploitation (thanks to @LiveOverflow)

doc

RISKEN is a monitoring tool for visualizing security risks.

Certitude

CERTITUDE - A python package to classify malicious URLs

terraform-aws-iam-policy

Create an IAM policy from Terraform input

automation-sig-www

Automation SIG

ail-feeder-ct

AIL feeder for certificate transparency

gitsnitch

Have you pushed sensitive info to GitHub? Here's a tool to find out.

tanium-sensors