0xSultan

0xSultan's Stars

• InQuest/awesome-yara

  A curated list of awesome YARA rules, tools, and people.

  3.5k487

• Fadi002/unshackle

  Open-source tool to bypass windows and linux passwords from bootable usb

  Language:Shell1.8k120

• solomonsonya/Xavier_MemoryAnalysis_Framework

  Xavier Framework is a user interface wrapper built on top of the Volatility(c) memory forensics framework.

  Language:Java452

• AlessandroZ/LaZagne

  Credentials recovery project

  Language:Python9.6k2k

• SpecterOps/at-ps

  Adversary Tactics - PowerShell Training

  Language:PowerShell1.5k328

• RPISEC/Malware

  Course materials for Malware Analysis by RPISEC

  3.8k786

• WKL-Sec/WMIExec

  Set of python scripts which perform different ways of command execution via WMI protocol.

  Language:Python15824

• pwn1sher/WMEye

  WMEye is a post exploitation tool that uses WMI Event Filter and MSBuild Execution for lateral movement

  Language:C#36156

• LordNoteworthy/al-khaser

  Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.

  Language:C++5.9k1.2k

• 0xStarlight/CRTP-Notes

  Study materials for the Certified Red Team Pentesting (CRTP) exam, covering essential concepts in red teaming and penetration testing

  29960

• frkngksl/NimExec

  Fileless Command Execution for Lateral Movement in Nim

  Language:Nim36336

• PaulNorman01/Forensia

  Anti Forensics Tool For Red Teamers, Used For Erasing Footprints In The Post Exploitation Phase.

  Language:C++73273

• hevnsnt/Awesome_Incident_Response

  Awesome Incident Response

  Language:PowerShell26017

• gentilkiwi/kekeo

  A little toolbox to play with Microsoft Kerberos in C

  Language:C1.4k211

• mthcht/ThreatHunting-Keywords

  Awesome list of keywords and artifacts for Threat Hunting sessions

  Language:HTML46454

• Significant-Gravitas/AutoGPT

  AutoGPT is the vision of accessible AI for everyone, to use and to build on. Our mission is to provide the tools, so that you can focus on what matters.

  Language:Python168k44.4k

• olafhartong/sysmon-modular

  A repository of sysmon configuration modules

  Language:PowerShell2.7k588

• splunk/attack_range

  A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk

  Language:Jinja2.1k356

• kmaasrud/awesome-obsidian

  🕶️ Awesome stuff for Obsidian

  Language:CSS6.8k286

• west-wind/Threat-Hunting-With-Splunk

  Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise

  568

• olafhartong/ThreatHunting

  A Splunk app mapped to MITRE ATT&CK to guide your threat hunts

  1.1k178

• splunk/security_content

  Splunk Security Content

  Language:Python1.3k361

• MHaggis/hunt-detect-prevent

  Lists of sources and utilities utilized to hunt, detect and prevent evildoers.

  Language:PowerShell16241

• MHaggis/sysmon-dfir

  Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.

  899183

• M0kh/VirusTotal-Checker

  A python script that checks a list of URLs or hashes on Virustotal

  Language:Python21

• jschicht/LogFileParser

  Parser for $LogFile on NTFS

  Language:AutoIt18928

• andreafortuna/malhunt

  Hunt malware with Volatility

  Language:Python4712

• Mr-Un1k0d3r/PowerLessShell

  Run PowerShell command without invoking powershell.exe

  Language:Python1.5k251

• ufrisk/LeechCore

  LeechCore - Physical Memory Acquisition Library & The LeechAgent Remote Memory Acquisition Agent

  Language:C51994

• evild3ad/MemProcFS-Analyzer

  MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR

  Language:PowerShell53458