nov3mb3r

followers

following

stars

@FalconForceTeam

november 's starred repositories

awesome-cybersecurity-blueteam

:computer:🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.

rules

Repository of yara rules

Language:YARAGPL-2.04084 352 193

awesome-forensics

A curated list of awesome forensic analysis tools and resources

CC0-1.03778 169 10

hardentools

Hardentools simply reduces the attack surface on Microsoft Windows computers by disabling low-hanging fruit risky features.

Language:GoGPL-3.02871 118 66

red_team_tool_countermeasures

Language:YARABSD-2-Clause2637 243 12

volatility3

Volatility 3.0 development

Language:PythonNOASSERTION2459 55 520

PowerForensics

PowerForensics provides an all in one platform for live disk forensic analysis

Language:C#MIT1378 159 125

red-team-scripts

A collection of Red Team focused tools, scripts, and notes

Language:PowerShellBSD-3-Clause1104 53 1

IRM-deprecated

Incident Response Methodologies

NOASSERTION1021 108 1

OSCP

Collection of things made during my OSCP journey

Language:Python927 60 4

klara

Kaspersky's GReAT KLara

Language:PHPNOASSERTION690 62 19

dostoevsky-pentest-notes

Notes for taking the OSCP in 2097. Read in book form on GitBook

CyLR

CyLR - Live Response Collection Tool

Language:C#GPL-3.0616 31 74

Yara-Rules

Repository of YARA rules made by Trellix ATR Team

Language:YARAApache-2.0556 52 10

PSRecon

:rocket: PSRecon gathers data from a remote Windows host using PowerShell (v2 or later), organizes the data into folders, hashes all extracted data, hashes PowerShell and various system properties, and sends the data off to the security team. The data can be pushed to a share, sent over email, or retained locally.

Language:PowerShellApache-2.0472 54 6

RegHex

A collection of regexes for every possbile use

Language:Shell383 150

dfir-orc

Forensics artefact collection tool for systems running Microsoft Windows

Language:C++LGPL-2.1364 27 58

PSHunt

Powershell Threat Hunting Module

Language:PowerShellApache-2.0275 33 1

Magic-Unicorn-Tool

Language:PythonBSD-2-Clause261 31 5

userline

Query and report user logons relations from MS Windows Security Events

Language:PythonBSD-3-Clause240 29 2

blue-team

Blue Team Scripts

Language:ShellGPL-3.0239 22 1

nathan

Android Emulator for mobile security testing

Language:PythonMIT221 25 12

YaraGuardian

Django web interface for managing Yara rules

Language:PythonApache-2.0188 46 45

afro

File recovery for APFS

Language:Python157 14 16

usbdeviceforensics

Python script for extracting USB information from Windows registry hives

Language:Python124 13 10

NOAH

PowerShell No Agent Hunting

Language:PowerShellBSD-3-Clause108 11 3

yara-endpoint

Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.

Language:GoApache-2.0103 21 6

trident

A PowerShell incident response script for quick triage

Language:PowerShellApache-2.074 40

KStrike

Stand-alone parser for User Access Logging from Server 2012 and newer systems

Language:PythonNOASSERTION68 6 1

volatility_profile_builder

Python script to auto-build linux volatility profiles

Language:Python600