DragonsBlue's Stars
Ignitetechnologies/Mindmap
This repository will contain many mindmaps for cyber security technologies, methodologies, courses, and certifications in a tree structure to give brief details about them
i3visio/osrframework
OSRFramework, the Open Sources Research Framework, is an AGPLv3+ project by i3visio focused on providing API and tools to perform more accurate online research.
Ultimate-Hosts-Blacklist/Ultimate.Hosts.Blacklist
The Ultimate Unified Hosts file for protecting your network, computer, smartphones and Wi-Fi devices against millions of bad web sites. Protect your children and family from gaining access to bad web sites and protect your devices and PC from being infected with malware or ransomware.
InfoSecInnovations/concierge
Repo for Concierge AI dev work
AzureAD/Azure-AD-Incident-Response-PowerShell-Module
The Azure Active Directory Incident Response PowerShell module provides a number of tools, developed by the Azure Active Directory Product Group in conjunction with the Microsoft Detection and Response Team (DART), to assist in compromise response.
d3fend/d3fend
Public static website for the D3FEND project. For the D3FEND ontology repo see: https://github.com/d3fend/d3fend-ontology
Mazars-Tech/AD_Miner
AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover security weaknesses
Bert-JanP/Open-Source-Threat-Intel-Feeds
This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple types such as IP, URL, CVE and Hash.
builtbybel/ThisIsWin11
The real PowerToys for Windows 11
cisagov/untitledgoosetool
Untitled Goose Tool is a robust and flexible hunt and incident response tool that adds novel authentication and data gathering methods in order to run a full investigation against a customer’s Azure Active Directory (AzureAD), Azure, and M365 environments.
JohnHammond/labs
Free and publicly available training labs and exercises, for quick copy-and-paste demonstrations, learning and education.
JPCERTCC/LogonTracer
Investigate malicious Windows logon by visualizing and analyzing Windows event log
blackhillsinfosec/EventLogging
Automation scripts to deploy Windows Event Forwarding, Sysmon, and custom audit policies in an Active Directory environment.
cisagov/ScubaGear
Automation to assess the state of your M365 tenant against CISA's baselines
malwarejake-public/conference-presentations
Conference presentations
cisagov/RedEye
RedEye is a visual analytic tool supporting Red & Blue Team operations
meirwah/awesome-incident-response
A curated list of tools for incident response
djust270/IntuneEndpointTools
A set of tools for managing and diagnosing Intune on Windows endpoints
JaekelEDV/MyAnnotatedITBookshelf
chvancooten/maldev-for-dummies
A workshop about Malware Development
unifi-utilities/unifios-utilities
A collection of enhancements for UnifiOS based devices
yangshun/tech-interview-handbook
💯 Curated coding interview preparation materials for busy software engineers
Bert-JanP/Hunting-Queries-Detection-Rules
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
FalconForceTeam/FalconFriday
Hunting queries and detections
leoloobeek/LAPSToolkit
Tool to audit and attack LAPS environments
maurice-daly/DriverAutomationTool
Home of the Driver Automation Tool
TimMangan/App-Info
A community sourced information store about applications
ScarredMonk/SysmonSimulator
Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detections and correlation rules by Blue teams.
Kaidja/Defender-for-Endpoint
Defender for Endpoint
MicrosoftDocs/windows-itpro-docs
This repository is used for Windows client for IT Pro content on Microsoft Learn.