Beast code in Giters

unforensicate's starred repositories

v2ray-core

A platform for building proxies to bypass network restrictions.

Language:GoMIT29123 435 956

dnSpy

.NET debugger and assembly editor

Language:C#26425 9920

atomic-red-team

Small and highly portable detection tests based on MITRE's ATT&CK.

Language:CMIT9616 350 267

sigma

Main Sigma Rule Repository

Language:PythonNOASSERTION8198 343 598

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.

Language:PythonGPL-3.05380 144 182

GOAD

game of active directory

Language:PowerShellGPL-3.05111 78 187

ThreatHunter-Playbook

A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.

Language:PythonMIT3988 371 33

awesome-threat-detection

✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️

3619 191 6

APTnotes

Various public documents, whitepapers and articles about APT campaigns

3477 641 194

Active-Directory-Exploitation-Cheat-Sheet

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Language:PowerShellMIT2456 76 2

Microsoft-365-Defender-Hunting-Queries

Sample queries for Advanced hunting in Microsoft 365 Defender

Language:Jupyter NotebookMIT1920 197 36

osxcollector

A forensic evidence collection & analysis toolkit for OS X

Language:PythonNOASSERTION1871 125 75

plaso

Super timeline all the things

Language:PythonApache-2.01707 92 2037

Sentinel-Queries

Collection of KQL queries

MIT1398 86 13

log4j-affected-db

A community sourced list of log4j-affected software

Language:ShellCC0-1.01116 85 154

LOLDrivers

Living Off The Land Drivers

Language:YARAApache-2.0992 28 60

FalconFriday

Hunting queries and detections

BSD-3-Clause716 56 2

LinuxForensics

Everything related to Linux Forensics

Language:Shell672 27 1

srum-dump

A forensics tool to convert the data in the Windows srum (System Resource Usage Monitor) database to an xlsx spreadsheet.

Language:PythonGPL-3.0592 38 30

awesome_Threat-Hunting

A curated list of the most important and useful resources about Threat Detection,Hunting and Intelligence.

534 360

automactc

AutoMacTC: Automated Mac Forensic Triage Collector

Language:PythonNOASSERTION523 72 9

MalSeclogon

A little tool to play with the Seclogon service

Language:CGPL-3.0301 6 1

lmg

Script for automating Linux memory capture and analysis

Language:Shell264 29 6

TrueTree

A command line tool for pstree-like output on macOS with additional pid capturing capabilities

Language:SwiftNOASSERTION242 13 4

crowdstrike-falcon-queries

A collection of Splunk's Search Processing Language (SPL) for Threat Hunting with CrowdStrike Falcon

MIT187 13 2

RECmd

Command line access to the Registry

Language:RebolMIT126 19 14

ese-analyst

This is a set of tools for doing forensics analysis on Microsoft ESE databases.

Language:Python123 12 4

Awesome-Regex-Resources

A curated list of Regex Resources. Inspired by other awesome stuff

73 4 2

EventTranscript.db-Research

A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.

MIT38 30

SentinelOne-PowerSploit-Indicators

Language:PowerShell9 2 2