d4rk-d4nph3

Ransomware-Reports

This repo is a collection of Ransomware reports from vendors, researchers, etc.

Ransim

Ransomware Simulator for testing Blue Team Detections

ThreatStack

Automated Collection of Threat Intel Feeds

Suri

My Suricata setup

Windows-Event-Samples

Sample Windows Event Logs

Awesome-CobaltStrike-Defence

Defences against Cobalt Strike

Chimera

Chimera is a PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.

Egress-Assess-Lite

Lite version of Egress-Assess made specifically for Windows

ejax

Windows EVTX to XML and JSON converter

SSFinder

Script to find IoCs of Silver Sparrow malware

exfinder

Precision Windows EVTX Searcher

Myra

Automated PCAP Report Generator with Threat Intel Integration

APTSimulator

A toolset to make a system look as if it was the victim of an APT attack

auditd

Best Practice Auditd Configuration

car

Cyber Analytics Repository

Cobalt-Wipe

Cobalt wipe is the non-commercial version of Cobalt-Strike 4.3 (May 2021 Release)

community

All open-source resources for the Prelude Operator C2 platform

CVE-2021-1675

Impacket implementation of CVE-2021-1675

CVE-2021-1676

CVE-2021-1675 Detection Info

d4rk-d4nph3

noPac

CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.

nsm-attack

Mapping NSM rules to MITRE ATT&CK

PowerSploit

PowerSploit - A PowerShell Post-Exploitation Framework

public-resources

Collection of resources related to the Center for Threat-Informed Defense

python-evtx

Pure Python parser for recent Windows Event Log files (.evtx)

SharpRDP

Remote Desktop Protocol .NET Console Application for Authenticated Command Execution

sigma

Generic Signature Format for SIEM Systems

sysmon-config

Sysmon configuration file template with default high-quality event tracing

sysmon-modular

A repository of sysmon configuration modules

Zeeking