Skyw3lker's repositories
awesome-soc
A collection of sources of documentation, as well as field best practices, to build/run a SOC
AtomicTestHarnesses
Public Repo for Atomic Test Harness
Awesome-CobaltStrike-Defence
Defences against Cobalt Strike
awesome-event-ids
Collection of Event ID resources useful for Digital Forensics and Incident Response
awesome-python
A curated list of awesome Python frameworks, libraries, software and resources
awesome-threat-detection
A curated list of awesome threat detection and hunting resources
awesome-zero-trust
A curated collection of awesome resources for the zero-trust security model.
Azure-Sentinel
Cloud-native SIEM for intelligent security analytics for your entire enterprise.
deepdarkCTI
Collection of Cyber Threat Intelligence sources from the deep and dark web
Domain-Age-Checker
Script to check the domain age of bulk domains using Python
netprog_basics
Code, Examples, and Resources for the Network Programmability Basics Video Course
opensoc
OpenSOC Apache Hadoop Code
practical-python
Practical Python Programming (course by @dabeaz)
SCRIPTS
Random scripts sort of organized ... fu.txt is massive and old
SIEM
SIEM Tactics, Techniques, and Procedures
sigma
Generic Signature Format for SIEM Systems
Sigma-Rules
A repository of my own Sigma detection rules.
sysmon-dfir
Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.
SysmonCommunityGuide
TrustedSec Sysinternals Sysmon Community Guide
SysmonTools
Utilities for Sysmon
threatest
Threatest is a CLI and Go framework for end-to-end testing threat detection rules.
VECTR
VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios
windows-defender-remover
A tool which is used to remove Windows Defender in Windows 8.x, Windows 10 (every version) and Windows 11.
YetiToElastic
YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack
zeek2es
A Python application to filter and transfer Zeek logs to Elastic/OpenSearch. This app can also output pure JSON logs to stdout for further processing!