yk's starred repositories
IndicatorOfCanary
Canary Detection
MasterParser
MasterParser is a powerful DFIR tool designed for analyzing and parsing Linux logs
YARA_Detection_Engineering
Detection Engineering with YARA
MetadataPlus
A tool to use novel locations to extract metadata from Office documents.
DefenderHarvester
Expose a lot of MDE telemetry that is not easily accessible in any searchable form
AD-Canaries
The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory Canary objects.
awskillswitch
Lambda function that streamlines containment of an AWS account compromise
BestEdrOfTheMarket
Little user-mode AV/EDR evasion lab for training & learning purposes
PowerDecode
PowerDecode is a PowerShell-based tool that deobfuscates PowerShell scripts obfuscated across multiple layers. The tool performs dynamic code analysis, extracts malware-hosting URLs and checks their HTTP responses. It can also detect whether the malware attempts to inject shellcode into memory.
API-s-for-OSINT
List of APIs for gathering information about phone numbers, addresses, domains, etc.
Magnet-RESPONSE-PowerShell
PowerShell scripts for running Magnet RESPONSE forensic collection tool in large enterprises.
managed-kubernetes-auditing-toolkit
All-in-one auditing toolkit for identifying common security issues in managed Kubernetes environments. Currently supports Amazon EKS.
shell-backdoor
All shell backdoors in the world