ionstorm's repositories
osquery-configuration
A repository for using osquery for incident detection and response
DetectionLab
Vagrant & Packer scripts to build a lab environment complete with security tooling and logging best practices
osquery-attck
Mapping the MITRE ATT&CK Matrix with Osquery
auditd-attack
A Linux Auditd rule set mapped to MITRE's Attack Framework
edgerouter-graylog-extractors
Graylog Extractors for EdgeRouter Firewall Logs
graylog-plugin-correlation-count
Alert condition plugin for Graylog to perform correlation
PhishingRegex
Backup of my phishing regular expression testing bench
PowerShell-Suite
My musings with PowerShell
PSPushTeams
Collection of scripts used to push notifications to Microsoft Teams using Webhooks, POST and JSON
ConnectWise_SQL
Some useful SQL Views/Scripts that I have used
dradis-powershell-api
An API client wrapper for Dradis Professional written in PowerShell
graylog-content-pack-sonicwall
SonicWall Content Pack for Graylog
graylog-plugin-aggregation-count
Alert condition plugin for Graylog to perform aggregation
HELK
The Hunting ELK
icebreaker
Gets plaintext Active Directory credentials if you're on the internal network but outside the AD environment
N-Able-Automation
A collection of various scripts and AMPs for SolarWinds N-Able
PowerKrabsEtw
PowerKrabsEtw is a PowerShell interface for doing real-time ETW tracing.
Probable-Wordlists
Wordlists sorted by probability originally created for password generation and testing
randomrepo
Repo for random stuff
reporter
Service that generates a PDF report from a Grafana dashboard
SwiftFilter
Exchange Transport rules to detect and enable response to phishing
TA-DNSETW
This app leverages the krabsetw framework to compile an executable for DNS logging. This app can be used with Splunk.
vm-templates
FreeNAS 10 virtual machine templates