bfuzzy's repositories

auditd-attack

A Linux auditd rule set mapped to MITRE's ATT&CK framework

ThreatHunter-Playbook

A threat hunter's playbook to aid the development of techniques and hypotheses for hunting campaigns.

License: MIT · Stargazers: 14 · Issues: 7 · Issues: 0

FuzzySysmon

My sysmon config I use for testing purposes

mac4n6

Collection of forensic artifact locations for Mac OS X and iOS

Language: Python · License: Apache-2.0 · Stargazers: 1 · Issues: 2 · Issues: 0

OSSEM

Open Source Security Events Metadata (OSSEM)

threat_hunting_tables

Threat hunting notes in flat-file format, mapped to MITRE ATT&CK IDs

threathunting-spl

Splunk code (SPL) useful for serious threat hunters.

Windows_Baselines

Windows Baselines

APTSimulator

A toolset to make a system look as if it had been the victim of an APT attack

Language: Batchfile · Stargazers: 0 · Issues: 2 · Issues: 0

crave

Framework to automatically test and explore the capabilities of generic AV engines

Language: Python · License: GPL-3.0 · Stargazers: 0 · Issues: 2 · Issues: 0

docker-bro

Bro IDS Dockerfile

Language: Bro · License: MIT · Stargazers: 0 · Issues: 2 · Issues: 0

Grouper

A PowerShell script for helping to find vulnerable settings in AD Group Policy.

Language: PowerShell · License: MIT · Stargazers: 0 · Issues: 2 · Issues: 0

HELK

The Hunting ELK

Language: Shell · License: BSD-3-Clause · Stargazers: 0 · Issues: 2 · Issues: 0

PowerLessShell

Run PowerShell command without invoking powershell.exe

Language: Python · License: NOASSERTION · Stargazers: 0 · Issues: 2 · Issues: 0

PowerShell-Suite

My musings with PowerShell

Language: PowerShell · License: BSD-3-Clause · Stargazers: 0 · Issues: 2 · Issues: 0

PyPowerShellXray

Python script to decode common encoded PowerShell scripts

Language: Python · Stargazers: 0 · Issues: 2 · Issues: 0

search-guard

Search Guard is an open-source Elasticsearch plugin that offers encryption, authentication, and authorisation.

Language: Java · License: Apache-2.0 · Stargazers: 0 · Issues: 2 · Issues: 0

Security-Data-Analysis

A series of labs that will help users apply various data science techniques to security related data.

Language: Jupyter Notebook · Stargazers: 0 · Issues: 2 · Issues: 0

Skadi

Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux

Language: Shell · License: GPL-3.0 · Stargazers: 0 · Issues: 2 · Issues: 0

sRDI

Shellcode implementation of Reflective DLL Injection. Converts DLLs to position-independent shellcode

Language: Python · License: NOASSERTION · Stargazers: 0 · Issues: 2 · Issues: 0

sysmon-modular

A repository of sysmon configuration modules

License: MIT · Stargazers: 0 · Issues: 2 · Issues: 0

Threat-Hunty-Stuff

Random Threat Hunting Stuff

Stargazers: 0 · Issues: 2 · Issues: 0

Vega_Sankey

Vega Sankey

Stargazers: 0 · Issues: 2 · Issues: 0

WinLogsZero2Hero

This is a repository from Adam Swan's and my presentation on Windows Logs Zero 2 Hero.

Language: PowerShell · Stargazers: 0 · Issues: 2 · Issues: 0