birch's starred repositories
DefenderHarvester
Expose a lot of MDE telemetry that is not easily accessible in any searchable form
FalconForge
This repository is used by FalconForce to release parts of the internal tools used for maintaining, validating and automatically deploying a repository of use-cases for the Sentinel and Microsoft 365 Defender products.
ansible-for-splunk-cloud
Ansible playbooks for configuring and managing Splunk Cloud deployments with the Admin Config Service (ACS) API
no-defender
A slightly more fun way to disable Windows Defender + firewall (through the WSC API).
qubes-keepass
rofi based frontend for KeePassXC running on Qubes OS
stenographer
Stenographer is a packet capture solution which aims to quickly spool all packets to disk, then provide simple, fast access to subsets of those packets. Discussion/announcements at stenographer@googlegroups.com
SOC-OpenSource
This is a project designed for security analysts and all SOC audiences who want to play with implementation and explore the modern SOC architecture.
requests-html
Pythonic HTML Parsing for Humans™
nixos-anywhere
Install NixOS everywhere via SSH [maintainer=@numtide]
sysmon-modular
A repository of sysmon configuration modules
terraform-provider-proxmox
Terraform Provider for Proxmox
cephadm-ansible
Ansible playbooks to be used with cephadm
kubesploit
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.
attack_data
A repository of curated datasets from various attacks