Gregor Wegberg (groggi)

Location: Zurich, Switzerland

Home Page: https://gregorwegberg.com

Twitter: @gwegberg


Organizations
SecurityCouch

Gregor Wegberg's starred repositories

monica

Personal CRM. Remember everything about your friends, family and business relationships.

Language: PHP | License: AGPL-3.0 | Stargazers: 20681 | Issues: 287 | Issues: 1978

d2

D2 is a modern diagram scripting language that turns text to diagrams.

Language: Go | License: MPL-2.0 | Stargazers: 15797 | Issues: 55 | Issues: 968

maltrail

Malicious traffic detection system

Language: Python | License: MIT | Stargazers: 5739 | Issues: 228 | Issues: 404

GOAD

Game of Active Directory

Language: PowerShell | License: GPL-3.0 | Stargazers: 4283 | Issues: 69 | Issues: 155

attack_range

A tool that allows you to create vulnerable, instrumented local or cloud environments to simulate attacks against and collect the data into Splunk.

Language: Jinja | License: Apache-2.0 | Stargazers: 1963 | Issues: 80 | Issues: 275

AzureAD-Attack-Defense

This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.

PersistenceSniper

PowerShell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistence mechanisms implanted in Windows machines. Official Twitter/X account @PersistSniper. Made with ❤️ by @last0x00 and @dottor_morte.

Language: PowerShell | License: NOASSERTION | Stargazers: 1800 | Issues: 40 | Issues: 10

ICS-Security-Tools

Tools, tips, tricks, and more for exploring ICS Security.

Language: HTML | License: CC-BY-4.0 | Stargazers: 1518 | Issues: 156 | Issues: 11

Digital-Forensics-Guide

Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.

awesome-soc

A collection of sources of documentation, as well as field best practices, to build and run a SOC.

License: CC0-1.0 | Stargazers: 1014 | Issues: 30 | Issues: 0

IRM

Incident Response Methodologies 2022

saas-attacks

Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown

SysmonSimulator

Sysmon event simulation utility which can be used to simulate attacks and generate the Sysmon event logs needed for testing EDR detections and correlation rules by Blue Teams.

Language: C | License: LGPL-2.1 | Stargazers: 821 | Issues: 20 | Issues: 12

ransomwatch

The transparent ransomware claim tracker 🥷🏼🧅🖥️

Language: HTML | License: Unlicense | Stargazers: 738 | Issues: 50 | Issues: 90

Kuiper

Digital Forensics Investigation Platform

PipeViewer

A tool that shows detailed information about named pipes in Windows

Language: C# | License: Apache-2.0 | Stargazers: 528 | Issues: 9 | Issues: 1

seekr

A multi-purpose OSINT toolkit with a neat web interface.

Language: Go | License: GPL-3.0 | Stargazers: 466 | Issues: 7 | Issues: 385

Darksearch

Search engine for hidden material. Scraping dark web onions, IRC logs, deep web, etc.

DFIR-O365RC

PowerShell module for Office 365 and Azure log collection

Language: PowerShell | License: GPL-3.0 | Stargazers: 223 | Issues: 12 | Issues: 2

OneDriveExplorer

OneDriveExplorer is a command-line and GUI-based application for reconstructing the folder structure of OneDrive from the <UserCid>.dat and <UserCid>.dat.previous files.

Language: Python | License: MIT | Stargazers: 151 | Issues: 9 | Issues: 8

ALFA

ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit logs and to perform automated forensic analysis on the audit logs using statistics and the MITRE ATT&CK Cloud Framework.

Language: Python | License: MIT | Stargazers: 133 | Issues: 3 | Issues: 0

Software-Supply-Chain-Security

A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling, books, articles and a plethora of learning resources from the web.

vss_carver

Carves and recreates VSS catalog and store from Windows disk image.

Language: Python | License: MIT | Stargazers: 95 | Issues: 13 | Issues: 17

T3SF

Technical Tabletop Exercises Simulation Framework

Language: Python | License: GPL-3.0 | Stargazers: 42 | Issues: 1 | Issues: 2

easy-wins-endpoint-defense

Collection of scripts/resources/ideas for attack surface reduction and additional logging to enable better threat hunting on Windows endpoints.

License: BSD-2-Clause | Stargazers: 37 | Issues: 4 | Issues: 0

subcrawl

SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data with optional output modules, such as Elastic.

Language: Python | License: MIT | Stargazers: 34 | Issues: 1 | Issues: 0

Language: Python | License: MIT | Stargazers: 32 | Issues: 15 | Issues: 0

ASRGEN

ASR Configurator, Essentials and Atomic Testing

Language: Python | License: Apache-2.0 | Stargazers: 28 | Issues: 2 | Issues: 0

badfiles

A detailed list of potentially dangerous file extensions

Language: HTML | License: GPL-3.0 | Stargazers: 4 | Issues: 0 | Issues: 0