yk's starred repositories

Sigma-Rules

A repository of my own Sigma detection rules.

License: GPL-3.0 | Stargazers: 150 | Issues: 0

osquery-defense-kit

Production-ready detection & response queries for osquery

Language: Makefile | License: Apache-2.0 | Stargazers: 498 | Issues: 0

varc

Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of particular use when investigating a security incident.

Language: Python | License: GPL-3.0 | Stargazers: 234 | Issues: 0

elastic-container

Stand up a simple Elastic container with Kibana, Fleet, and the Detection Engine

Language: Shell | License: Apache-2.0 | Stargazers: 332 | Issues: 0

trailscraper

A command-line tool to get valuable information out of AWS CloudTrail

Language: Python | License: Apache-2.0 | Stargazers: 763 | Issues: 0

tenzir

Open source security data pipelines.

Language: C++ | License: BSD-3-Clause | Stargazers: 621 | Issues: 0

mmk-ui-api

UI, API, and Scanner (Rules Engine) services for Merry Maker

Language: TypeScript | License: Apache-2.0 | Stargazers: 123 | Issues: 0

volatility-docker

A suite of Volatility 3 plugins for memory forensics of Docker containers

Language: Python | Stargazers: 16 | Issues: 0

EnableWindowsLogSettings

Documentation and scripts to properly enable Windows event logs.

Language: Batchfile | License: GPL-3.0 | Stargazers: 490 | Issues: 0

AWSome-Pentesting

My cheatsheet notes to pentest AWS infrastructure

License: GPL-3.0 | Stargazers: 639 | Issues: 0

osintui

OSINT from your favorite services in a friendly terminal user interface, with integrations for VirusTotal, Shodan, and Censys

Language: Rust | License: MIT | Stargazers: 966 | Issues: 0

EvtxHussar

Initial triage of Windows Event logs

Language: Go | License: MIT | Stargazers: 80 | Issues: 0

prefetch-hash-cracker

A small util to brute-force prefetch hashes

Language: Rust | License: MIT | Stargazers: 70 | Issues: 0

GHunt

🕵️‍♂️ Offensive Google framework.

Language: Python | License: NOASSERTION | Stargazers: 15087 | Issues: 0

canarytokens-docker

Docker configuration to quickly set up your own Canarytokens.

Language: Dockerfile | License: BSD-3-Clause | Stargazers: 587 | Issues: 0

VanillaWindowsReference

A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare and see what's been added with each update. Use these CSVs to create your own known good hash sets!

License: MIT | Stargazers: 128 | Issues: 0

DFIR4vSphere

PowerShell module for VMware vSphere forensics

Language: PowerShell | License: GPL-3.0 | Stargazers: 134 | Issues: 0

mlget

A golang CLI tool to download malware from a variety of sources.

Language: Go | Stargazers: 132 | Issues: 0

GitFive

🐙 Track down GitHub users.

Language: Python | License: MPL-2.0 | Stargazers: 793 | Issues: 0

blackhat-arsenal-tools

Official Black Hat Arsenal Security Tools Repository

License: GPL-3.0 | Stargazers: 3756 | Issues: 0

the-prime-hunt

A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation

Language: TypeScript | License: Apache-2.0 | Stargazers: 74 | Issues: 0

aftermath

Aftermath is a free macOS IR framework

Language: Swift | License: MIT | Stargazers: 440 | Issues: 0

DeTTECT

Detect Tactics, Techniques & Combat Threats

Language: SCSS | License: GPL-3.0 | Stargazers: 1986 | Issues: 0

dissect

Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic artefacts from various disk and file formats, developed by Fox-IT (part of NCC Group).

License: AGPL-3.0 | Stargazers: 872 | Issues: 0

DetectionLab

Automate the creation of a lab environment complete with security tooling and logging best practices

Language: HTML | License: MIT | Stargazers: 4532 | Issues: 0

getsymbol

Simple tool for reverse engineers to download debugging symbols from the Microsoft, Google, Mozilla and Citrix symbol servers; compatible with Windows 8.1, 10 and 11

Language: C++ | Stargazers: 203 | Issues: 0

npm-initial-access

Easy-to-extend initial-access scenario to help with EDR testing on Linux and Mac

Language: Shell | Stargazers: 23 | Issues: 0

dissect.cobaltstrike

Python library for dissecting and parsing Cobalt Strike related data such as Beacon payloads and Malleable C2 Profiles

Language: Python | License: MIT | Stargazers: 145 | Issues: 0