archb1sh0p's starred repositories

autogen

A programming framework for agentic AI. Discord: https://aka.ms/autogen-dc. Roadmap: https://aka.ms/autogen-roadmap

Language: Jupyter Notebook | License: CC-BY-4.0 | Stargazers: 28816 | Issues: 361 | Issues: 1491

awesome-forensics

A curated list of awesome forensic analysis tools and resources

chainsaw

Rapidly Search and Hunt through Windows Forensic Artefacts

Language: Rust | License: GPL-3.0 | Stargazers: 2646 | Issues: 51 | Issues: 91

attack_range

A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk

Language: Jinja | License: Apache-2.0 | Stargazers: 2037 | Issues: 80 | Issues: 286

cti

Cyber Threat Intelligence Repository expressed in STIX 2.0

EDR-Telemetry

This project aims to compare and evaluate the telemetry of various EDR products.

flowframes

Flowframes Windows GUI for video interpolation using DAIN (NCNN) or RIFE (CUDA/NCNN)

Language: Python | License: GPL-3.0 | Stargazers: 1404 | Issues: 25 | Issues: 281

SharpDPAPI

SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.

Language: C# | License: NOASSERTION | Stargazers: 1116 | Issues: 34 | Issues: 13

saas-attacks

Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown

BestEdrOfTheMarket

Little user-mode AV/EDR evasion lab for training & learning purposes

Language: C++ | License: MIT | Stargazers: 955 | Issues: 15 | Issues: 4

FalconHound

FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log aggregation tool.

Language: Go | License: BSD-3-Clause | Stargazers: 716 | Issues: 12 | Issues: 0

attack-flow

Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.

Language: TypeScript | License: Apache-2.0 | Stargazers: 527 | Issues: 91 | Issues: 28

Microsoft-Extractor-Suite

A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes.

Language: PowerShell | License: GPL-2.0 | Stargazers: 425 | Issues: 17 | Issues: 48

Azure-AD-Incident-Response-PowerShell-Module

The Azure Active Directory Incident Response PowerShell module provides a number of tools, developed by the Azure Active Directory Product Group in conjunction with the Microsoft Detection and Response Team (DART), to assist in compromise response.

Language: PowerShell | License: MIT | Stargazers: 405 | Issues: 23 | Issues: 4

ilo4_unlock

A toolkit for patching HPE's iLO 4 Firmware with access to previously inaccessible utilities

Language: Shell | License: GPL-3.0 | Stargazers: 324 | Issues: 26 | Issues: 12

T95-H616-Malware

"Pre-Owned" malware in ROM for AllWinner H616/H618 & RockChip RK3328 Android TV Boxes

Language: Java | Stargazers: 292 | Issues: 21 | Issues: 0

dfiq

DFIQ is a collection of investigative questions and the approaches for answering them

Language: Python | License: Apache-2.0 | Stargazers: 241 | Issues: 8 | Issues: 10

trident

A PowerShell incident response script for quick triage

Language: PowerShell | License: Apache-2.0 | Stargazers: 73 | Issues: 4 | Issues: 0

Practical-Threat-Detection-Engineering

Practical Threat Detection Engineering, Published by Packt

MS-Graph-BlueTeam

MS Graph Commands and Tools for Blue Teamers

cve-markdown-charts

A simple tool to create mermaid js markdown charts from CVE IDs and CVE keyword searches.

Language: Python | License: MIT | Stargazers: 40 | Issues: 1 | Issues: 1

Get-InjectedThreadEx

Fork of Get-InjectedThread - https://gist.github.com/jaredcatkinson/23905d34537ce4b5b1818c3e6405c1d2

Language: PowerShell | License: MIT | Stargazers: 22 | Issues: 2 | Issues: 0

Flux_Capacitor_Mini

Miniature PCB Version of Flux Capacitor.

Language: HTML | License: NOASSERTION | Stargazers: 13 | Issues: 2 | Issues: 0

Decks-and-Resources

Links and useful documents from my presentations

License: CC0-1.0 | Stargazers: 10 | Issues: 2 | Issues: 0

ParrotForce

Azure playbook for automatic evidence collection