Dan Tovarnak's repositories
Awesome_Incident_Response
Awesome Incident Response
building-secure-and-reliable-systems
This repository contains the content of the book "Building Secure and Reliable Systems" by Heather Adkins, Betsy Beyer, Paul Blankinship, Piotr Lewandowski, Ana Oprea, and Adam Stubblefield. Google wrote this book to share its experience in building secure systems at scale. This is not an officially supported Google product.
ClickBench
ClickBench: a Benchmark For Analytical Databases
conti-leaks-englished
Conti leaks translated into English with Google Translate and DeepL; the leaks were shared by a member of the Conti ransomware group.
cve
Gathers and updates all available and newest CVEs together with their PoCs.
definitive-guide-kql
Sample queries and data as part of the Microsoft Press book, The Definitive Guide to KQL
docker-rt
Docker image with RT installation
docker-rt-base
Docker image with base packages for RT installation
EDR-Telemetry
This project aims to compare and evaluate the telemetry of various EDR products.
esper
Esper Complex Event Processing, Streaming SQL and Event Series Analysis
ipfixcol2
High-performance NetFlow v5/v9 and IPFIX collector (RFC7011)
ipt-netflow
Netflow iptables module for Linux kernel (official)
IRM
Incident Response Methodologies 2022
libfds
Flow Data Storage library
logdata-anomaly-miner
This tool parses log data and lets you define analysis pipelines for anomaly detection. It was designed to run the analysis with limited resources and the lowest possible permissions, making it suitable for use on production servers.
MonarcAppFO
MONARC - Method for an Optimised aNAlysis of Risks by @NC3-LU
oca-iob
Augmentation to Machine Readable CTI
OSSEM
Open Source Security Events Metadata (OSSEM)
prql
PRQL is a modern language for transforming data — a simple, powerful, pipelined SQL replacement
re2j
Linear-time regular expression matching in Java
recog
Pattern recognition for hosts, services, and content
sigma
Generic Signature Format for SIEM Systems
spark-search
Spark Search - high performance advanced search features based on Apache Lucene
ThePhish
ThePhish: an automated phishing email analysis tool
tpm-fido
A WebAuthn/U2F token protected by a TPM (Go/Linux)
trie4j
PATRICIA, Double Array, LOUDS Trie implementations for Java
what_are_embeddings
A deep dive into embeddings starting from fundamentals