weslambert

followers

following

stars

Security Onion Solutions LLC

Augusta, GA

https://infosec.exchange/@weslambert

@therealwlambert

weslambert's starred repositories

vulhub

Pre-Built Vulnerable Environments Based on Docker-Compose

Language:DockerfileMIT16180 569 173

cve

Gather and update all available and newest CVEs with their PoC.

Language:HTMLMIT6057 319 50

digger

Digger is an open source IaC orchestration tool. Digger allows you to run IaC in your existing CI pipeline ⚡️

Language:GoApache-2.02662 17 352

chainsaw

Rapidly Search and Hunt through Windows Forensic Artefacts

Language:RustGPL-3.02544 49 86

FIR

Fast Incident Response

Language:PythonGPL-3.01666 119 219

Home-Grown-Red-Team

Language:Python603 14 14

HijackLibs

Project for tracking publicly disclosed DLL Hijacking opportunities.

GPL-3.0593 16 15

GC2-sheet

GC2 is a Command and Control application that allows an attacker to execute commands on the target machine using Google Sheet and exfiltrate data using Google Drive.

Language:GoGPL-3.0485 15 11

LOOBins

Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" macOS binaries and how they can be used by threat actors for malicious purposes.

Language:PythonGPL-3.0386 9 61

ransomware_map

Map tracking ransomware, by OCD World Watch team

substation

Substation is a security analytics and data pipeline toolkit for the cloud (AWS) and more.

Language:GoMIT275 8 20

kunai

Threat-hunting tool for Linux

Language:RustGPL-3.0262 7 38

Malware

macOS Malware Collection

GPL-3.0218 240

RITA-J

Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.

Language:Jupyter NotebookGPL-3.0188 18 1

testmynids.org

A website and framework for testing NIDS detection

Language:Shell149 5 2

DocIntel

Open Source Platform for storing, organizing, and searching documents related to cyber threats

Language:JavaScriptNOASSERTION145 4 98

yara-forge

Automated YARA Rule Standardization and Quality Assurance Tool

Language:PythonGPL-3.0122 9 6

pCraft

pCraft is a PCAP Crafter, which creates a PCAP from an AMI scenario.

Language:CMIT88 15 8

dynmx

Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces!

Language:PythonApache-2.082 2 1

WonkaVision

Language:C#NOASSERTION79 20

windows-dll-env-hijacking

Project for identifying executables and DLLs vulnerable to environment-variable based DLL hijacking.

Language:ShellGPL-3.056 10

sigmaio

simple webapp for converting sigma rules into siem queries using the pySigma library

Language:HTMLUnlicense47 2 2

Yobi

Yara Based Detection Engine for web browsers

Language:JavaScriptGPL-3.046 1 1

detections

Placeholder for my detection repo and misc detection engineering content

Language:Jupyter Notebook43 30

windows-sandbox-to-elastic

Rapidly building a Windows 10 system to use for dynamic malware analysis (sandbox), sending data to Elastic Cloud.

Language:PowerShellApache-2.041 20

strelka-ui

Strelka Web UI for File Submission and Analysis

Language:JavaScriptNOASSERTION38 9 7

etw-event-dumper

Language:C#MIT31 3 1

fmd

Windows file metadata / forensic tool.

Language:RustMIT14 4 8

ARGUS

Language:PythonGPL-3.01300

iris-velo-org-module

Language:PythonLGPL-3.0400