JPMinty's Stars
twintproject/twint
An advanced Twitter scraping & OSINT tool written in Python that doesn't use Twitter's API, allowing you to scrape a user's followers, following, Tweets and more while evading most API limitations.
SigmaHQ/sigma
Main Sigma Rule Repository
horsicq/Detect-It-Easy
Program for determining types of files for Windows, Linux and MacOS.
OISF/suricata
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.
fastfire/deepdarkCTI
Collection of Cyber Threat Intelligence sources from the deep and dark web
DominicBreuker/stego-toolkit
Collection of steganography tools - helps with CTF challenges
microsoft/Microsoft-365-Defender-Hunting-Queries
Sample queries for Advanced hunting in Microsoft 365 Defender
matterpreter/OffensiveCSharp
Collection of Offensive C# Tooling
ForensicArtifacts/artifacts
Digital Forensics artifact repository
atc-project/atomic-threat-coverage
Actionable analytics designed to combat threats
mattifestation/PowerShellArsenal
A PowerShell Module Dedicated to Reverse Engineering
A3sal0n/CyberThreatHunting
A collection of resources for Threat Hunters
wietze/HijackLibs
Project for tracking publicly disclosed DLL Hijacking opportunities.
BornToBeRoot/PowerShell
Collection of useful PowerShell functions, scripts, snippets and templates
felixweyne/imaginaryC2
Imaginary C2 is a Python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts an HTTP server which captures HTTP requests towards selectively chosen domains/IPs. Additionally, the tool aims to make it easy to replay captured Command-and-Control responses/served payloads.
christophetd/spoofing-office-macro
:fish: PoC of a VBA macro spawning a process with a spoofed parent and command line.
felixweyne/ProcessSpawnControl
Process Spawn Control is a PowerShell tool which aims to help in the behavioral (process) analysis of malware. PsC suspends newly launched processes, and gives the analyst the option to either keep the process suspended, or to resume it.
roadwy/DefenderYara
Extracted Yara rules from Windows Defender mpavbase and mpasbase
outflanknl/NetshHelperBeacon
Example DLL to load from Windows NetShell
endgameinc/eqllib
WithSecureLabs/ppid-spoofing
Scripts for performing and detecting parent PID spoofing
miladaslaner/ThreatHunt
ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.
nccgroup/OneLogicalMyth_Shell
A HTA shell to assist with breakout assessments.
Neo23x0/yaraQA
YARA rule analyzer to improve rule quality and performance
merill/microsoft-info
Repository hosting a static list of Microsoft first-party apps and Graph permissions that is updated daily
HuskyHacks/clarion
The clarion call tells you if someone is logging into an AitM proxy that is proxying your M365 login page
csababarta/volatility_plugins
Volatility plugins created by the author
Alino/json-to-freemind
Convert JSON structures to FreeMind (mind map) file format
Squiblydoo/certReport
A tool to support the reporting of Authenticode certificates by reducing the effort required of individuals to report them.
StuxVT/SonicGlyde-Discord-Malware
Malware distributed via a phishing campaign on Discord. Steals browser data and Discord tokens.