dfirence's repositories

ma-insights-xe

User Feedback Space of #MitreAssistant

ma-sets

Powered By #MitreAssistant For Samples of MITRE ATT&CK Adversaries, Weapons & Tools

Language: Shell | Stargazers: 3 | Issues: 0 | Issues: 0

pe-compass-samples

PE Samples To Test

License: MIT | Stargazers: 3 | Issues: 1 | Issues: 0

Forensia

Anti Forensics Tool For Red Teamers, Used For Erasing Footprints In The Post Exploitation Phase.

Language: C++ | License: GPL-3.0 | Stargazers: 1 | Issues: 2 | Issues: 0

Mindmap

This repository will contain many mindmaps for cyber security technologies, methodologies, courses, and certifications, arranged in a tree structure to give brief details about each.

Stargazers: 1 | Issues: 0 | Issues: 0

safiro-demo

A Web Based Demo of Safiro Telemetry

License: BSD-3-Clause | Stargazers: 0 | Issues: 0 | Issues: 0

aod-public

Community Outreach Resource For AOD

Stargazers: 0 | Issues: 2 | Issues: 0

Content-Library-CIM2

Clone from EXABEAM

Stargazers: 0 | Issues: 0 | Issues: 0

FlavorTown

Various ways to execute shellcode

Language: C# | License: BSD-3-Clause | Stargazers: 0 | Issues: 1 | Issues: 0

GC2-sheet

GC2 is a Command and Control application that allows an attacker to execute commands on the target machine using Google Sheets and to exfiltrate data using Google Drive.

Language: Go | License: GPL-3.0 | Stargazers: 0 | Issues: 1 | Issues: 0

Hunting-Queries-Detection-Rules

KQL queries: Defender for Endpoint and Azure Sentinel hunting and detection queries in KQL. Out-of-the-box KQL queries for Advanced Hunting, Custom Detection, Analytics Rules and Hunting Rules.

Stargazers: 0 | Issues: 1 | Issues: 0

Hypervisor-101-in-Rust

The materials of "Hypervisor 101 in Rust", a one-day course for quickly learning hardware-assisted virtualization technology and its application to high-performance fuzzing on Intel/AMD processors.

License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

json-rule-editor-cloned

JSON rule editor

License: GPL-3.0 | Stargazers: 0 | Issues: 0 | Issues: 0
Language: TypeScript | Stargazers: 0 | Issues: 2 | Issues: 0

ntdlll-unhooking-collection

Different ntdll unhooking techniques: unhooking ntdll from disk, from KnownDlls, from a suspended process, and from a remote server (fileless).

Language: C++ | Stargazers: 0 | Issues: 1 | Issues: 0

panoptes_lcostantino

A simple ETW watcher that outputs JSON and provides a JS engine to manipulate the events.

Stargazers: 0 | Issues: 0 | Issues: 0

PersistenceSniper_DFIR

PowerShell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistence mechanisms implanted in Windows machines.

License: CC0-1.0 | Stargazers: 0 | Issues: 0 | Issues: 0

ptscan

A pointer scanner for Windows written in Rust

License: Apache-2.0 | Stargazers: 0 | Issues: 0 | Issues: 0

public-strike-paths

Outreach location for the Strike-Paths utility

Stargazers: 0 | Issues: 0 | Issues: 0

RedTeaming-Tactics-and-Techniques

Red Teaming Tactics and Techniques

Language: PowerShell | Stargazers: 0 | Issues: 1 | Issues: 0

rplearn

My Reactive Programming Exercises

Language: JavaScript | Stargazers: 0 | Issues: 0 | Issues: 0

RustAlgo

All Algorithms implemented in Rust

Language: Rust | License: MIT | Stargazers: 0 | Issues: 1 | Issues: 0

sandbox-attacksurface-analysis-tools

Set of tools to analyze Windows sandboxes for exposed attack surface.

Language: C# | License: Apache-2.0 | Stargazers: 0 | Issues: 1 | Issues: 0

Shellcode-Hide

This repo contains: a simple shellcode loader, encoders (base64, custom, UUID, IPv4, MAC), encryptors (AES), and fileless loaders (WinHTTP, socket).

Stargazers: 0 | Issues: 0 | Issues: 0

SoftEtherVPN

Cross-platform multi-protocol VPN software. Pull requests are welcome. The stable version is available at https://github.com/SoftEtherVPN/SoftEtherVPN_Stable.

License: Apache-2.0 | Stargazers: 0 | Issues: 0 | Issues: 0

SysmonCommunityGuide

TrustedSec Sysinternals Sysmon Community Guide

Stargazers: 0 | Issues: 0 | Issues: 0

TangledWinExec

PoCs and tools for investigating Windows process execution techniques

License: BSD-3-Clause | Stargazers: 0 | Issues: 0 | Issues: 0