Beast code in Giters

SCS Labs's repositories

TheWatchList

Threat Feeds, Threat lists, and regular lists of known IP ranges and domains. It updates every 4 hours.

16 20

HAFNIUM-Microsoft-Exchange-0day

CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065

500

blocklist-ipsets

ipsets dynamically updated with firehol's update-ipsets.sh script

Language:Shell100

Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as well as threat hunters to get up and running quickly.

Language:PowerShellNOASSERTION010

ansible-role-sysmon

Ansible role for installing Sysmon with popular config files included.

Language:PowerShellMIT000

arkime

Arkime (formerly Moloch) is an open source, large scale, full packet capturing, indexing, and database system.

Language:CNOASSERTION000

atomic-threat-coverage

Actionable analytics designed to combat threats

Language:PythonApache-2.0000

Aurora-Incident-Response

Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders

Language:JavaScriptApache-2.0000

cloudmapper

CloudMapper helps you analyze your Amazon Web Services (AWS) environments.

Language:JavaScriptBSD-3-Clause000

cloudsploit

Cloud Security Posture Management (CSPM)

Language:JavaScriptGPL-3.0000

commando-vm

Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@fireeye.com

Language:PowerShellApache-2.0000

Country-codes

000

elastic-reports

000

Empire

Empire is a PowerShell and Python 3.x post-exploitation framework.

Language:PowerShellBSD-3-Clause000

goalert

Open source on-call scheduling, automated escalations, and notifications so you never miss a critical alert

Language:GoNOASSERTION000

Images

000

ipsets

000

iris

Iris is a highly configurable and flexible service for paging and messaging.

Language:PythonBSD-2-Clause000

jok3r

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

Language:HTMLNOASSERTION010

oncall

Oncall is a calendar tool designed for scheduling and managing on-call shifts. It can be used as source of dynamic ownership info for paging systems like http://iris.claims.

Language:PythonBSD-2-Clause000

ossec-sysmon

A Ruleset to enhance detection capabilities of Ossec using Sysmon

Language:PowerShell000

pacu

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

Language:PythonBSD-3-Clause000

ptf

The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.

Language:Python000

ScoutSuite

Multi-Cloud Security Auditing Tool

Language:PythonGPL-2.0000

sigma

Generic Signature Format for SIEM Systems