bryan's starred repositories
Incident-Playbook
GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
requests-ip-rotator
A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.
AzureHunter
A Cloud Forensics PowerShell module to run threat hunting playbooks on data from Azure and O365
Aurora-Incident-Response
Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
attack-flow
Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.
auto-archiver
Automatically archive links to videos, images, and social media content from Google Sheets (and more).
cloud-forensics-utils
Python library to carry out DFIR analysis on the Cloud
aws-security-analytics-bootstrap
AWS Security Analytics Bootstrap enables customers to perform security investigations on AWS service logs by providing an Amazon Athena analysis environment that's quick to deploy, ready to use, and easy to maintain.
assisted-log-enabler-for-aws
Assisted Log Enabler for AWS - Find AWS resources that are not logging, and turn them on.
thiri-notebook
The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat hunting rules.
sandbox-accounts-for-events
"Sandbox Accounts for Events" allows providing multiple, temporary AWS accounts to a number of authenticated users simultaneously via a browser-based GUI.
pypi-aws-secrets
This repo scans PyPI for AWS keys
whiskeysamlandfriends
GoldenSAML Attack Libraries and Framework
acquire-aws-ec2
A Python script to acquire multiple AWS EC2 instances in a forensically sound-ish way
Volatility-MM-CS
Volatility MindMap & Cheat Sheet