pabit's repositories
2023
Rules Shared by the Community from 100 Days of YARA 2023
attack-simulator
Simulate past supply chain attacks such as SolarWinds, Codecov, and ua-parser-js
awesome-detection-rules
This is a collection of threat detection rules / rules engines that I have come across.
awesome-edr-bypass
Awesome EDR Bypass Resources For Ethical Hacking
awesome-incident-response
A curated list of tools for incident response
awesome-soc
A collection of sources of documentation, as well as field best practices, to build/run a SOC
Blackout
kill anti-malware protected processes using BYOVD
CTI-fundamentals
A collection of papers, blogs, and resources that make up the quintessential aspects of cyber threat intelligence
decider
A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK® framework.
evilgophish
evilginx2 + gophish
Freeze.rs
Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes and direct syscalls, written in Rust
Fugu15
Fugu15 is a semi-untethered permasigned jailbreak for iOS 15
GRFICSv2
Version 2 of the Graphical Realism Framework for Industrial Control Simulation (GRFICS)
heimdall2
Heimdall Enterprise Server 2 lets you view, store, and compare automated security control scan results.
Hunting-Queries-Detection-Rules
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
iLEAPP
iOS Logs, Events, And Plist Parser
ImHex
🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
KingOfBugBountyTips
Our main goal is to share tips from some well-known bug hunters. Using recon methodology, we are able to find subdomains, APIs, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters.
MagicSigner
Signtool for expired certificates
Office365itpros
Office 365 for IT Pros PowerShell examples
PWF
Practical Windows Forensics Training
Redream
Realtime Diffusion, using Automatic1111 Stable Diffusion API
ROADtools
A collection of Azure AD tools for offensive and defensive security purposes
saf
The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools developed by MITRE and the security community to streamline security automation for systems and DevOps pipelines
Sentinel-Queries
Collection of KQL queries
srum-dump
A forensics tool to convert the data in the Windows SRUM (System Resource Usage Monitor) database to an xlsx spreadsheet.
sysmon-dfir
Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.
TeamFiltration
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts