CodeAllTheThings's starred repositories
kws-cluster
My homelab GitOps IaC repo
cluster-monitoring
Cluster monitoring stack for clusters based on Prometheus Operator
defcon27_csharp_workshop
Writing custom backdoor payloads with C# - Defcon 27 Workshop
tailscale-client-go
A client implementation for the Tailscale HTTP API
go-win64api
Windows API wrappers for Go - useful for SysOps
RedTeamPowershellScripts
Various PowerShell scripts that may be useful during a red team exercise
ossec-sysmon
A Ruleset to enhance detection capabilities of Ossec using Sysmon
RedTeaming_CheatSheet
Pentesting cheatsheet with all the commands I learned during my learning journey. Will try to keep it up-to-date.
Stracciatella
OpSec-safe PowerShell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startup
EnterprisePurpleTeaming
Purple Team Resources for Enterprise Purple Teaming: An Exploratory Qualitative Study by Xena Olsen.
SharpEDRChecker
Checks running processes, process metadata, DLLs loaded into your current process and each DLL's metadata, common install directories, installed services and each service binary's metadata, installed drivers and each driver's metadata, all for the presence of known defensive products such as AVs, EDRs and logging tools.
sysmon-dfir
Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.
Event-Forwarding-Guidance
Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsacyber
PurpleSharp
PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monitored Windows environments
365Inspect
A PowerShell script that automates the security assessment of Microsoft 365 environments.
APTSimulator
A toolset to make a system look as if it was the victim of an APT attack
gsvsoc_cirt-playbook-battle-cards
Cyber Incident Response Team Playbook Battle Cards
SysmonCommunityGuide
TrustedSec Sysinternals Sysmon Community Guide
sigma-rules
Sigma rules from Joe Security
atomic-operator
A Python package used to execute Atomic Red Team tests (Atomics) across multiple operating system environments.
tailscale-sidecar
A TCP proxy used to expose services onto a tailscale network without root. Ideal for container environments.