Pinned Repositories
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
AllthingsTimesketch
This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.
ansible-playbooks
Playbooks for automating server procedures based on our Community guides
APT-Hunter
ATTACK-Tools
Utilities for MITRE™ ATT&CK
awesome-threat-intelligence
A curated list of Awesome Threat Intelligence resources
aws-automated-incident-response-and-forensics
BlueCloud
Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.
cloud-forensics-utils
Python library to carry out DFIR analysis on the Cloud
Cobalt-Strike-CheatSheet
Some notes and examples for Cobalt Strike's functionality
1r-f0rhun73r's Repositories
1r-f0rhun73r/Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
1r-f0rhun73r/awesome-threat-intelligence
A curated list of Awesome Threat Intelligence resources
1r-f0rhun73r/aws-automated-incident-response-and-forensics
1r-f0rhun73r/BlueCloud
Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.
1r-f0rhun73r/cloud-forensics-utils
Python library to carry out DFIR analysis on the Cloud
1r-f0rhun73r/conti-leaks-englished
Google- and DeepL-translated Conti leaks, as shared by a member of the Conti ransomware group.
1r-f0rhun73r/ds4n6_lib
Library of functions to apply Data Science in several forensics artifacts
1r-f0rhun73r/elastic-container
Stand up a simple Elastic container with Kibana, Fleet, and the Detection Engine
1r-f0rhun73r/EnableWindowsLogSettings
Documentation and scripts to properly enable Windows event logs.
1r-f0rhun73r/EnterprisePurpleTeaming
Purple Team Resources for Enterprise Purple Teaming: An Exploratory Qualitative Study by Xena Olsen.
1r-f0rhun73r/EventLogging
Automation scripts to deploy Windows Event Forwarding, Sysmon, and custom audit policies in an Active Directory environment.
1r-f0rhun73r/forseti-security
Forseti Security
1r-f0rhun73r/garble
Obfuscate Go builds
1r-f0rhun73r/humblebundle-downloader
Download your Humble Bundle Library
1r-f0rhun73r/jarm
1r-f0rhun73r/kql-for-dfir
A guide to using Azure Data Explorer and KQL for DFIR
1r-f0rhun73r/labs
This is a collection of tutorials for learning how to use Docker with various tools. Contributions welcome.
1r-f0rhun73r/LockBit
This is not a crack and not a reverse either. Lockbit RW Source codes have been completely leaked. I'm sharing it so that you don't pay for such things for nothing.
1r-f0rhun73r/LOLAPPS
LOLAPPS is a compendium of applications that can be used to carry out day-to-day exploitation.
1r-f0rhun73r/Microsoft-365-Extractor-Suite
A set of PowerShell scripts that allow for complete and reliable acquisition of the Microsoft 365 Unified Audit Log
1r-f0rhun73r/Notes
1r-f0rhun73r/PoshC2
A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
1r-f0rhun73r/presentations
1r-f0rhun73r/Rapid-Response-Reporting
RRR (Rapid Response Reporting) is a collection of Incident Response Report objects. They are designed to help incident responders provide accurate and timely feedback in the form of reports.
1r-f0rhun73r/real-time-enforcer
Evaluate existing GCP resources against defined policies. Policies may also contain instructions for remediating such violations.
1r-f0rhun73r/resource-policy-evaluation-library
1r-f0rhun73r/retoolkit
Reverse Engineer's Toolkit
1r-f0rhun73r/SecCon-Framework
Security configuration is complex. With thousands of group policies available in Windows, choosing the “best” setting is difficult. It’s not always obvious which permutations of policies are required to implement a complete scenario, and there are often unintended consequences of some security lockdowns. The SECCON Baselines divide configuration i
1r-f0rhun73r/thiri-notebook
The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat hunting rules.
1r-f0rhun73r/xknow_infosec
Random Stuff for Cyber Security Incident Response