yk's starred repositories
TangledWinExec
PoCs and tools for investigation of Windows process execution techniques
ese-analyst
This is a set of tools for doing forensic analysis on Microsoft ESE databases.
security_content
Splunk Security Content
Cloud-Investigate
A preconfigured Windows-based system designed for rapid forensic investigations in both Azure and AWS.
pe-bear-releases
PE-bear (builds only)
jackson
🔥 Streamline your web application's authentication with Jackson, an SSO service supporting SAML and OpenID Connect protocols. Beyond enterprise-grade Single Sign-On, it also supports Directory Sync via the SCIM 2.0 protocol for automatic user and group provisioning/de-provisioning. 🤩
phishurl-list
Phishing URL dataset from JPCERT/CC
aws-security-analytics-bootstrap
AWS Security Analytics Bootstrap enables customers to perform security investigations on AWS service logs by providing an Amazon Athena analysis environment that's quick to deploy, ready to use, and easy to maintain.
SANSGoldPaperResearch_FOR500_Rathbun
A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11.
protections-artifacts
Elastic Security detection content for Endpoint
unfurl_jupyter
A patch to the unfurl library to adapt it to a Jupyter Notebook
strelka-ui
Strelka Web UI for File Submission and Analysis
TheHitchhikersGuidetoDFIRExperiencesFromBeginnersandExperts
The official repo for a project involving a crowdsourced DFIR book. The main purpose of this book is to give anyone interested an opportunity to write a chapter of a book to get their name out there, get a publication on their resume with an actual ISBN number, and ideally lower the bar for people to contribute something back to the DFIR Community. Want to write a chapter? Let me know and let's make it happen!