duzvik's repositories
APT_CyberCriminal_Campagin_Collections
APT & CyberCriminal Campaign Collection
APT_REPORT
Interesting APT report collection and some special IOC express
awesome-detection-engineering
Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying malicious or unauthorized activity before it negatively impacts an individual or an organization.
awesome_windows_logical_bugs
Collected cases of Windows logical bugs, for learning
Azure-Sentinel
Cloud-native SIEM for intelligent security analytics for your entire enterprise.
Azure-Sentinel2Go
Azure Sentinel2Go is an open source project developed to expedite the deployment of an Azure Sentinel lab.
azure_egress_nat
How to use an Ubuntu VM for egress NAT in Azure
AzureC2Relay
AzureC2Relay is an Azure Function that validates and relays Cobalt Strike beacon traffic by verifying the incoming requests based on a Cobalt Strike Malleable C2 profile.
CyberThreatIntel
Analysis of malware and cyber threat intel of APT and cybercriminal groups
DetectionLabELK
DetectionLabELK is a fork of DetectionLab with the ELK stack instead of Splunk.
EVTX-ATTACK-SAMPLES
Windows Events Attack Samples
extension-examples
JupyterLab Extensions by Examples
Fermion
Fermion, an Electron wrapper for Frida & Monaco.
GitHubPrivateRepoFileFetcher
http://blog.tyang.org/2017/05/19/deploying-arm-templates-with-artifacts-located-in-a-private-github-repository/
HELK
The Hunting ELK
Honey-Sessions
A tool for spoofing user sessions in Active Directory
killProcessPOC
Uses aswArPot.sys to kill processes
Pentesting
Tricks for penetration testing
physmem2profit
Physmem2profit can be used to create a minidump of a target host's LSASS process by analysing physical memory remotely
project-freta
MSR Project Freta
pypsrp
PowerShell Remoting Protocol for Python
RedWarden
Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation
Research
Research indicators and detection rules
Rubeus
Trying to tame the three-headed dog.
Slides
Misc Threat Hunting Resources
WinPmem
The multi-platform memory acquisition tool.