DeadLenny

DeadLenny's Stars

• FalconForceTeam/SOAPHound

  SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Directory Web Services (ADWS) protocol.

  Language:C#64564

• RCStep/CSSG

  Cobalt Strike Shellcode Generator

  Language:C#638110

• LuemmelSec/Client-Checker

  Language:PowerShell16715

• kleiton0x00/Proxy-DLL-Loads

  A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.

  Language:C32439

• OTRF/OSSEM-DD

  OSSEM Data Dictionaries

  Language:Python5819

• jaredcatkinson/MalwareMorphology

  Language:C++7611

• jaredcatkinson/PSReflect-Functions

  Module to provide PowerShell functions that abstract Win32 API functions

  Language:PowerShell23960

• jaredcatkinson/function-call-stacks

  61

• clearbluejar/ghidriff

  Python Command-Line Ghidra Binary Diffing Engine

  Language:Python52123

• tsale/EDR-Telemetry

  This project aims to compare and evaluate the telemetry of various EDR products.

  Language:Python1.7k157

• jaredcatkinson/abstraction-workshop

  Language:CSS4

• olafhartong/sysmon-cheatsheet

  All sysmon event types and their fields explained

  53573

• olafhartong/ThreatHunting

  A Splunk app mapped to MITRE ATT&CK to guide your threat hunts

  1.1k178

• clong/DetectionLab

  Automate the creation of a lab environment complete with security tooling and logging best practices

  Language:HTML4.6k987

• 0x4D31/awesome-threat-detection

  ✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️

  3.8k651

• hslatman/awesome-threat-intelligence

  A curated list of Awesome Threat Intelligence resources

  8k1.5k

• palantir/alerting-detection-strategy-framework

  A framework for developing alerting and detection strategies for incident response.

  675118

• VirusTotal/vt-cli

  VirusTotal Command Line Interface

  Language:Go81871

• GTFOBins/GTFOBins.github.io

  GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

  Language:HTML10.8k1.3k

• LOLBAS-Project/LOLBAS

  Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

  Language:XSLT7.1k991

• radareorg/radare2

  UNIX-like reverse engineering framework and command-line toolset

  Language:C20.6k3k

• corkami/pics

  File formats dissections and more...

  Language:Assembly10.5k736

• SigmaHQ/sigma

  Main Sigma Rule Repository

  Language:Python8.3k2.2k

• optiv/Freeze

  Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods

  Language:Go1.4k181

• hasherezade/pe-bear

  Portable Executable reversing tool with a friendly GUI

  Language:C++2.7k167

• roobixx/EventLogForRedTeams

  Simple PoC from Malicious Payload Injection from Windows Event Log Entry

  Language:C#266

• CravateRouge/autobloody

  Tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound

  Language:Python40942

• Cyb3rWard0g/HELK

  The Hunting ELK

  Language:Jupyter Notebook3.8k682

• ossu/computer-science

  🎓 Path to a free self-taught education in Computer Science!

  172k21.7k

• markowanga/stweet

  Advanced python library to scrap Twitter (tweets, users) from unofficial API

  Language:Python58967