hilt86

Hilton's starred repositories

mvt

MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.

Language:PythonNOASSERTION10094 250 287

dnstwist

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

Language:PythonApache-2.04775 154 120

TinyCheck allows you to easily capture network communications from a smartphone or any device which can be associated to a Wi-Fi access point in order to quickly analyze them. This can be used to check if any suspect or malicious communication is outgoing from a smartphone, by using heuristics or specific Indicators of Compromise (IoCs). In order to make it working, you need a computer with a Debian-like operating system and two Wi-Fi interfaces. The best choice is to use a Raspberry Pi (2+) a Wi-Fi dongle and a small touch screen. This tiny configuration (for less than $50) allows you to tap any Wi-Fi device, anywhere.

Language:PythonApache-2.03065 81 84

volatility3

Volatility 3.0 development

Language:PythonNOASSERTION2441 56 519

windows_hardening

HardeningKitty and Windows Hardening Settings

Language:PowerShellMIT2289 69 60

EVTX-ATTACK-SAMPLES

Windows Events Attack Samples

Language:HTMLGPL-3.02178 144 12

DeTTECT

Detect Tactics, Techniques & Combat Threats

Language:SCSSGPL-3.02022 92 96

hollows_hunter

Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).

Language:CBSD-2-Clause1968 66 15

CAPEv2

Malware Configuration And Payload Extraction

Language:PythonNOASSERTION1814 66 695

Security-Datasets

Re-play Security Events

Language:PowerShellMIT1576 93 37

EDR-Telemetry

This project aims to compare and evaluate the telemetry of various EDR products.

Language:Python1462 54 29

matano

Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS

Language:RustApache-2.01421 22 105

OSSEM

Open Source Security Events Metadata (OSSEM)

Language:PythonMIT1223 106 39

PowerShellArsenal

A PowerShell Module Dedicated to Reverse Engineering

Language:PowerShell848 66 7

Invoke-DOSfuscation

Cmd.exe Command Obfuscation Generator & Detection Test Harness

Language:PowerShellApache-2.0799 28 2

WinPmem

The multi-platform memory acquisition tool.

Language:CApache-2.0647 25 34

alerting-detection-strategy-framework

A framework for developing alerting and detection strategies for incident response.

MIT641 2780

Fermion

Fermion, an electron wrapper for Frida & Monaco.

Language:CSSBSD-3-Clause640 23 14

rpcfirewall

Language:C++NOASSERTION468 17 15

issue-status

A flexible, modern and blazingly fast ☄️ status page

Language:TypeScriptMIT254 5 42

MDEtester

MDE Tester is designed to help testing various features in Microsoft Defender for Endpoint.

Language:PowerShellBSD-3-Clause183 6 2

sagan

Sagan is a multi-threads, high performance log analysis engine. At it's core, Sagan similar to Suricata/Snort but with logs rather than network packets.

Language:CGPL-2.0152 8 77