0xSeanG's Stars
center-for-threat-informed-defense/tram
TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE ATT&CK®.
center-for-threat-informed-defense/adversary_emulation_library
An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
ch33r10/EnterprisePurpleTeaming
Purple Team Resources for Enterprise Purple Teaming: An Exploratory Qualitative Study by Xena Olsen.
dsnezhkov/racketeer
idnahacks/GoodHound
Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.
atoponce/d-note
Self destructing encrypted notes
emalderson/ThePhish
ThePhish: an automated phishing email analysis tool
mandiant/Mandiant-Azure-AD-Investigator
darkquasar/AzureHunter
A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
mandiant/SharPersist
c3c/ADExplorerSnapshot.py
ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound, and also supports full-object dumping to NDJSON.
swimlane/PSAttck
PSAttck is a light-weight framework for the MITRE ATT&CK Framework.
swimlane/pyattck
A Python package to interact with the Mitre ATT&CK Framework
optiv/Ivy
Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by utilizing programmatical access in the VBA object environment to load, decrypt and execute shellcode.
rvrsh3ll/Azure-App-Tools
Collection of tools to use with Azure Applications
ScarredMonk/SysmonSimulator
Sysmon event simulation utility that simulates attacks to generate Sysmon event logs, so blue teams can test EDR detections and correlation rules.
BookStackApp/BookStack
A platform to create documentation/wiki content built with PHP & Laravel
nccgroup/ScoutSuite
Multi-Cloud Security Auditing Tool
dfir-iris/iris-web
Collaborative Incident Response platform
cyb3rfox/Aurora-Incident-Response
Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
cert-ee/cuckoo3
Cuckoo 3 is a Python 3 open source automated malware analysis system.
swimlane/atomic-operator
A Python package used to execute Atomic Red Team tests (Atomics) across multiple operating system environments.
AzureAD/Azure-AD-Incident-Response-PowerShell-Module
The Azure Active Directory Incident Response PowerShell module provides a number of tools, developed by the Azure Active Directory Product Group in conjunction with the Microsoft Detection and Response Team (DART), to assist in compromise response.
scythe-io/purple-team-exercise-framework
Purple Team Exercise Framework
BishopFox/eyeballer
Convolutional neural network for analyzing pentest screenshots
PrateekKumarSingh/AzViz
⚡ ☁ Azure Visualizer aka 'AzViz': a #powershell module to automatically generate Azure resource topology diagrams by just typing a PowerShell cmdlet and passing the name of one or more Azure resource groups
mvelazc0/attack2jira
attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage
WithSecureLabs/chainsaw
Rapidly Search and Hunt through Windows Forensic Artefacts
discourse/discourse
A platform for community discussion. Free, open, simple.
markmap/markmap
Build mindmaps with plain text