weslambert

followers

following

stars

Security Onion Solutions LLC

Augusta, GA

https://infosec.exchange/@weslambert

@therealwlambert

weslambert's starred repositories

vulhub

Pre-Built Vulnerable Environments Based on Docker-Compose

Language:DockerfileMIT16353 568 175

cve

Gather and update all available and newest CVEs with their PoC.

Language:HTMLMIT6148 322 50

digger

Digger is an open source IaC orchestration tool. Digger allows you to run IaC in your existing CI pipeline ⚡️

Language:GoApache-2.02720 16 389

chainsaw

Rapidly Search and Hunt through Windows Forensic Artefacts

Language:RustGPL-3.02570 50 87

FIR

Fast Incident Response

Language:PythonGPL-3.01687 119 220

Home-Grown-Red-Team

Language:Python611 14 14

HijackLibs

Project for tracking publicly disclosed DLL Hijacking opportunities.

GPL-3.0608 16 15

GC2-sheet

GC2 is a Command and Control application that allows an attacker to execute commands on the target machine using Google Sheet and exfiltrate data using Google Drive.

Language:GoGPL-3.0487 15 11

LOOBins

Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" macOS binaries and how they can be used by threat actors for malicious purposes.

Language:PythonGPL-3.0391 10 62

ransomware_map

Map tracking ransomware, by OCD World Watch team

substation

Substation is a toolkit for routing, normalizing, and enriching security event and audit logs.

Language:GoMIT288 8 20

kunai

Threat-hunting tool for Linux

Language:RustGPL-3.0279 7 39

Malware

macOS Malware Collection

GPL-3.0227 270

RITA-J

Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.

Language:Jupyter NotebookGPL-3.0188 18 1

testmynids.org

A website and framework for testing NIDS detection

Language:Shell169 5 2

DocIntel

Open Source Platform for storing, organizing, and searching documents related to cyber threats

Language:JavaScriptNOASSERTION147 4 98

yara-forge

Automated YARA Rule Standardization and Quality Assurance Tool

Language:PythonGPL-3.0127 9 6

pCraft

pCraft is a PCAP Crafter, which creates a PCAP from an AMI scenario.

Language:CMIT88 15 8

dynmx

Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!

Language:PythonApache-2.081 2 1

WonkaVision

Language:C#NOASSERTION78 20

windows-dll-env-hijacking

Project for identifying executables and DLLs vulnerable to environment-variable based DLL hijacking.

Language:ShellGPL-3.056 10

sigmaio

simple webapp for converting sigma rules into siem queries using the pySigma library

Language:HTMLUnlicense47 2 2

Yobi

Yara Based Detection Engine for web browsers

Language:JavaScriptGPL-3.046 1 1

detections

Placeholder for my detection repo and misc detection engineering content

Language:Jupyter Notebook43 30

windows-sandbox-to-elastic

Rapidly building a Windows 10 system to use for dynamic malware analysis (sandbox), sending data to Elastic Cloud.

Language:PowerShellApache-2.042 20

strelka-ui

Strelka Web UI for File Submission and Analysis

Language:JavaScriptNOASSERTION38 9 7

etw-event-dumper

Language:C#MIT31 3 1

ARGUS

Language:PythonGPL-3.01400

fmd

Windows file metadata / forensic tool.

Language:RustMIT14 4 8

iris-velo-org-module

Language:PythonLGPL-3.0400