yk's starred repositories

cvemap

Navigate the CVE jungle with ease.

Language: Go | License: MIT | Stargazers: 1352 | Issues: 20 | Issues: 38

API-s-for-OSINT

List of APIs for gathering information about phone numbers, addresses, domains, etc.

redress

Redress - A tool for analyzing stripped Go binaries

Language: Go | License: AGPL-3.0 | Stargazers: 865 | Issues: 13 | Issues: 13

BestEdrOfTheMarket

Little AV/EDR evasion lab for training & learning purposes

DataSurgeon

Quickly Extracts IPs, Email Addresses, Hashes, Files, Credit Cards, Social Security Numbers and a Lot More From Text

Language: Rust | License: Apache-2.0 | Stargazers: 688 | Issues: 10 | Issues: 12

Locksmith

A small tool built to find and fix common misconfigurations in Active Directory Certificate Services.

Language: PowerShell | License: NOASSERTION | Stargazers: 674 | Issues: 13 | Issues: 25

KubeHound

Kubernetes Attack Graph

Language: Go | License: Apache-2.0 | Stargazers: 596 | Issues: 10 | Issues: 17

raven

CI/CD Security Analyzer

Language: Python | License: Apache-2.0 | Stargazers: 567 | Issues: 9 | Issues: 69

Mido

The Secure Microsoft Windows Downloader

Language: Shell | License: MIT | Stargazers: 462 | Issues: 4 | Issues: 10

shell-backdoor

all shell backdoor in the world

Language: Hack | Stargazers: 366 | Issues: 5 | Issues: 0

MasterParser

MasterParser is a powerful DFIR tool designed for analyzing and parsing Linux logs

Language: PowerShell | License: MIT | Stargazers: 333 | Issues: 7 | Issues: 2

awskillswitch

Lambda function that streamlines containment of an AWS account compromise

Language: Go | License: Apache-2.0 | Stargazers: 295 | Issues: 3 | Issues: 0

managed-kubernetes-auditing-toolkit

All-in-one auditing toolkit for identifying common security issues in managed Kubernetes environments. Currently supports Amazon EKS.

Language: Go | License: Apache-2.0 | Stargazers: 225 | Issues: 5 | Issues: 9

AD-Canaries

The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory Canary objects.

Language: PowerShell | License: MIT | Stargazers: 183 | Issues: 4 | Issues: 1

YAMA

Yet Another Memory Analyzer for malware detection

Language: C++ | License: NOASSERTION | Stargazers: 162 | Issues: 11 | Issues: 2

SWAT

Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK framework.

Language: Python | License: Apache-2.0 | Stargazers: 135 | Issues: 3 | Issues: 32

PowerDecode

PowerDecode is a PowerShell-based tool that allows deobfuscating PowerShell scripts obfuscated across multiple layers. The tool performs dynamic code analysis, extracting malware hosting URLs and checking the HTTP response. It can also detect if the malware attempts to inject shellcode into memory.

Language: PowerShell | License: GPL-3.0 | Stargazers: 113 | Issues: 3 | Issues: 2

RMML

A list of RMMs designed to be used in automation to build alerts

Language: Python | License: MIT | Stargazers: 89 | Issues: 5 | Issues: 2

YARA_Detection_Engineering

Detection Engineering with YARA

DefenderHarvester

Expose a lot of MDE telemetry that is not easily accessible in any searchable form

Language: Go | License: MIT | Stargazers: 69 | Issues: 2 | Issues: 1

sidr

Search Index Database Reporter

Language: Rust | License: NOASSERTION | Stargazers: 69 | Issues: 3 | Issues: 4

MetadataPlus

A tool to use novel locations to extract metadata from Office documents.

Language: C# | License: Apache-2.0 | Stargazers: 57 | Issues: 8 | Issues: 1
Language: Python | License: LGPL-2.1 | Stargazers: 49 | Issues: 2 | Issues: 0

machofile

machofile is a module to parse Mach-O binary files

Language: Python | License: MIT | Stargazers: 43 | Issues: 3 | Issues: 5

notatin

A Windows registry file parser written in Rust

Language: Rust | License: Apache-2.0 | Stargazers: 31 | Issues: 6 | Issues: 2

parseusbs

Parses USB connection artifacts from offline Registry hives

Language: Python | License: GPL-3.0 | Stargazers: 16 | Issues: 0 | Issues: 0

Magnet-RESPONSE-PowerShell

PowerShell scripts for running Magnet RESPONSE forensic collection tool in large enterprises.

Language: PowerShell | License: MIT | Stargazers: 14 | Issues: 0 | Issues: 0

ccl-segb

Module(s) related to reading SEGB (fka "Biome") data from iOS, macOS, etc.

Language: Python | License: MIT | Stargazers: 8 | Issues: 0 | Issues: 0