Gavin Knapp's repositories
KustQueryLanguage_kql
Cyber Defence-related Kusto queries for use in Azure Sentinel and Defender advanced hunting
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
Azure-Sentinel
Cloud-native SIEM for intelligent security analytics for your entire enterprise.
DefensivePowerShell
Repo with scripts to query the VT API via PowerShell
Hunting-Queries-Detection-Rules
KQL Queries. Defender for Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
yara_rules
Repo for YARA rules written by me and other third-party rules I find useful
deepdarkCTI
Collection of Cyber Threat Intelligence sources from the deep and dark web
DFIR_Scripts
Repo to hold useful DFIR scripts
Enum
Just a simple PowerShell Enumeration Script
FitnessAndNutrition
Fitness and Nutrition Programs
MS-Sentinel-Content
Microsoft Sentinel Content
MultiOneTimePassword-CredentialProvider
Aims to improve the overall security of the Windows logon process by adding 2FA authentication. Uses multiOTP as the authentication endpoint.
OffensiveNotion
Notion as a platform for offensive operations