iammrherb's repositories
activity-log-export-automation
Connect Splunk to Azure Activity Log via PowerShell automation
azure-collector
Alert Logic Azure Collector
azuremonitor2syslog
Forward Azure monitor logs to syslog (via Event Hub)
Blacksmith
Building environments to replicate small networks and deploy applications
chainsaw
Rapidly Search and Hunt through Windows Forensic Artefacts
CVE-2021-25374_Samsung-Account-Access
This script can be used to gain access to a victim's Samsung Account if they have a specific version of Samsung Members installed on their Samsung Device, and if the victim's device is from the US or Korea region.
deploymentmanager-samples
Deployment Manager samples and templates.
office365-management-api-elk
An API connector for the Office 365 Management API and the Elastic Stack
parallel-ssh
Automatically exported from code.google.com/p/parallel-ssh
leonidas
Automated Attack Simulation in the Cloud, complete with detection use cases.
powershell
Just random PowerShell things I've put together.
PSHero
PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.
snake
snake - a malware storage zoo
sysmon-edr
Sysmon EDR proof-of-concept built in PowerShell to demonstrate the capability.
ThreatHunter-Playbook
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.