sulthantth

followers

following

stars

sulthantth's starred repositories

log4j-scanner

log4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.

Language:Java127800

awesome-log4shell

An Awesome List of Log4Shell resources to help you stay informed and secure! 🔒

CC0-1.022100

sigma2snypr

Sigma framework integration with Snypr platform

Language:Python600

CarbonCopy

A tool which creates a spoofed certificate of any online website and signs an Executable for AV Evasion. Works for both Windows and Linux

Language:PythonApache-2.0125800

donut

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters

Language:CBSD-3-Clause321400

ToolAnalysisResultSheet

Tool Analysis Result Sheet

Language:HTML33800

suricataja3

Create a simple suricata rule blocking on ja3 hash from pcap

Language:Shell300

Kaiser

Fileless persistence, attacks and anti-forensic capabilties.

Language:C8400

living-off-the-land

Fileless attack with persistence

Language:C++BSD-2-Clause27300

r77-rootkit

Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.

Language:CBSD-2-Clause148800

sentinel-training

Language:PowerShell3600

Azure-Sentinel

Cloud-native SIEM for intelligent security analytics for your entire enterprise.

Language:Jupyter NotebookMIT427000

ZheTian

::ZheTian / 强大的免杀生成工具，Bypass All.

Language:GoMIT71100

Kage

Kage is Graphical User Interface for Metasploit Meterpreter and Session Handler

GPL-3.0300

Linux-Privilege-Escalation-MindMap

OSCP Privilege Escalation MindMap/Guide

GPL-3.019100

Pluralsight-Course-Downloader

Chrome Extension: Easily download course video from pluralsight. Videos renamed and organized in folder.

Language:JavaScriptUnlicense18400

Adama

Searches For Threat Hunting and Security Analytics

NOASSERTION24100

sysmon-dfir

Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.

GPL-3.088500

DetectionLab

Automate the creation of a lab environment complete with security tooling and logging best practices

Language:HTMLMIT450000

detect-responder

Language:Python7600

BoomBox

Automatic deployment of Cuckoo Sandbox malware lab using Packer and Vagrant

Language:PowerShellMPL-2.023100

DanderSpritz_lab

A fully functional DanderSpritz lab in 2 commands

Language:HTML41600

MSRPC-to-ATTACK

A repository that maps commonly used attacks using MSRPC protocols to ATT&CK

BSD-3-Clause30200

evtx

Golang Parser for Microsoft Event Logs

Language:GoApache-2.09400

ForensicsTools

Tools for DFIR

Language:C++11500

golang-evtx

Language:GoGPL-3.015400

libevtx

Library and tools to access the Windows XML Event Log (EVTX) format

Language:CLGPL-3.017900

evtx

A Fast (and safe) parser for the Windows XML Event Log (EVTX) format

Language:RustApache-2.058900

python-exe-unpacker

A helper script for unpacking and decompiling EXEs compiled from python code.

Language:PythonGPL-3.085700

chainsaw

Rapidly Search and Hunt through Windows Forensic Artefacts

Language:RustGPL-3.0254000