perch-stu

followers

following

stars

perch-stu's starred repositories

C2-Tracker

Live Feed of C2 servers, tools, and botnets

Language:Python43300

flare-fakenet-ng

FakeNet-NG - Next Generation Dynamic Network Analysis Tool

Language:PythonApache-2.0171500

infosec-jupyterthon

A community event for security researchers to share their favorite notebooks

Language:Jupyter NotebookGPL-3.010300

JonMon

Language:CMIT14900

awesome-intelligence-writing

Collection of awesome resources on intelligence writing, including manuals/guides, standards, books, tranings, articles, videos, etc

CC-BY-SA-4.048300

attack_range

A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk

Language:JinjaApache-2.0200300

interactsh

An OOB interaction gathering server and client library

Language:GoMIT316200

EHole

EHole(棱洞)3.0 重构版-红队重点攻击系统指纹探测工具

Language:GoApache-2.0293800

skrapa

A zero dependency and customizable Python library for scanning Windows and Linux process memory.

Language:PythonApache-2.06100

trs

🔭 Threat report analysis via LLM and Vector DB

Language:PythonApache-2.0600

PoC-in-GitHub

📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

RMML

A list of RMMs designed to be used in automation to build alerts

Language:PythonMIT9900

BestEdrOfTheMarket

Little user-mode AV/EDR evasion lab for training & learning purposes

Language:C++MIT93500

ezines

Language:HTML1000

gef

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

Language:PythonMIT659700

pwndbg

Exploit Development and Reverse Engineering with GDB Made Easy

Language:PythonMIT690200

GDBleed

Dynamic-Static binary instrumentation framework on top of GDB

Language:PythonMIT4700

tenzir

Open source security data pipelines.

Language:C++BSD-3-Clause62200

suriwire

Wireshark plugin to display Suricata analysis info

Language:LuaGPL-3.09000

arkime

Arkime is an open source, large scale, full packet capturing, indexing, and database system.

Language:JavaScriptApache-2.0616500

LdrLibraryEx

A small x64 library to load dll's into memory.

Language:C40600

hermit

Actually Portable WebAssembly compiler toolchain for self-contained cross-platform binaries

Language:CApache-2.017900

emba

EMBA - The firmware security analyzer

Language:ShellGPL-3.0247100

FalconHound

FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log aggregation tool.

Language:GoBSD-3-Clause68900

ghidriff

Python Command-Line Ghidra Binary Diffing Engine

Language:PythonGPL-3.045700

Nightmangle

Language:Rust12400

sysmon-modular

A repository of sysmon configuration modules

Language:PowerShellMIT253100

mwcfg

A Feature Rich Modular Malware Configuration Extraction Utility for MalDuck

Language:PythonBSD-3-Clause12400

binlex

A Binary Genetic Traits Lexer Framework

Language:C++Unlicense38400

PortEx

Java library to analyse Portable Executable files with a special focus on malware analysis and PE malformation robustness

Language:JavaApache-2.049300