Eric Capuano's repositories
gsuite-login-geoip
A script to analyze geographic GSuite Login activity
PhishReporter-Outlook-Add-In
PhishReporter Outlook Add-In in an Outlook Add-In that allows users to report phishing e-mails to a specific e-mail address for further processing/investigation. Fork of https://github.com/MSAdministrator/PhishReporter-Outlook-Add-In
DumpsterFire
"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Graylog_Sysmon
Advanced Threat detection Configurations for Graylog
password_cracking_rules
One rule to crack all passwords. or atleast we hope so.
brawl-public-game-001
Data from a BRAWL Automated Adversary Emulation Exercise
Cortex-Analyzers
Cortex Analyzers Repository
DetectionLab
Automate the creation of a lab environment complete with security tooling and logging best practices
hubot-grafana
Query Grafana dashboards.
Logstash-Configs
Contains log parsers for Logstash for many systems and applications. Also contains many methods of augmenting logs.
SlackShell
PowerShell to Slack C2
sso-wall-of-shame
A list of vendors that treat single sign-on as a luxury feature, not a core security requirement.
timesketch
Collaborative forensic timeline analysis
velociraptor-docs
Documentation site for Velociraptor
velociraptor-web
Velociraptor's documentation site.
windows-event-forwarding
A repository for using windows event forwarding for incident detection and response