Eric's repositories
python-urlscan
Simple python class to interface with UrlScan.io
atomic-red-team
Small and highly portable detection tests based on MITRE ATT&CK.
sublime-rules
Sublime rules for email attack detection, prevention, and threat hunting.
alerting-detection-strategy-framework
A framework for developing alerting and detection strategies for incident response.
APOLLO
Apple Pattern of Life Lazy Output'er
BITB
Browser In The Browser (BITB) Templates
cbapi-python
Carbon Black API - Python language bindings
CVE-2022-22963
CVE-2022-22963 PoC
detections
A home for detection content developed by the delivr.to team
File-Smuggling
HTML smuggling is not inherently evil; it can be useful
iLEAPP
iOS Logs, Events, And Plist Parser
iTunes_Backup_Reader
Python 3 script to parse iTunes backups
KilledProcessCanary
A canary designed to minimize the impact of certain ransomware actors
Red-Team-Infrastructure-Wiki
Wiki to collect Red Team infrastructure hardening resources
serverless-kinesis-firehose
JSON collector powered by the Serverless Framework, Amazon Kinesis Firehose, and Amazon S3
stethoscope
Personalized, user-focused recommendations for employee information security.
TA-ouilookup
Wireshark OUI lookup -- simple Splunk TA that returns the manufacturer for a given MAC address
unredacter
Never ever ever use pixelation as a redaction technique
windows-event-forwarding
A repository for using Windows Event Forwarding for incident detection and response