Ömürcan TATAR's starred repositories
SIGMA-detection-rules
Set of SIGMA rules (>320) mapped to MITRE ATT&CK tactics and techniques
EDRSilencer
A tool that uses the Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
Wireshark-Traffic-Analysis
Collection of Wireshark resources & PCAP files used in the Blue Team training course
DetectionLab
Automate the creation of a lab environment complete with security tooling and logging best practices
Marvel-Lab
A collection of PowerShell scripts that will help automate the build process for a Marvel domain.
misp-playbooks
MISP Playbooks
Active_Directory_Advanced_Threat_Hunting
This repo is about Active Directory Advanced Threat Hunting
mbc-markdown
MBC content in markdown
windows-event-forwarding
A repository for using Windows Event Forwarding for incident detection and response
hayabusa-rules
Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.
EnableWindowsLogSettings
Documentation and scripts to properly enable Windows event logs.
Villain
Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities, etc.) and share them among connected sibling servers (Villain instances running on different machines).
MalwareSourceCode
Collection of malware source code for a variety of platforms in an array of different programming languages.
BloodHound
Six Degrees of Domain Admin
mitreattack-python
A Python module for working with ATT&CK
DumpsterFire
"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
RedHunt-OS
Virtual Machine for Adversary Emulation and Threat Hunting
awesome-threat-detection
✨ A curated list of awesome threat detection and hunting resources 🕵️♂️
Invoke-Obfuscation
PowerShell Obfuscator