Pinned Repositories
DACA
DAtaset Creation Acquisition engine
dns-tunnel-dataset
DNS Tunneling Dataset
doh-tunnel-dataset
DNS tunneling over DoH Dataset
Fritzing_Parts
Parts designed and adjusted for Fritzing Electronic Design project
iodine-log-analysis
Experimenting with DNS Tunneling and Log Analysis
ublox
Python library for the UBX protocol
Korving-F's Repositories
Korving-F/doh-tunnel-dataset
DNS tunneling over DoH Dataset
Korving-F/dns-tunnel-dataset
DNS Tunneling Dataset
Korving-F/DACA
DAtaset Creation Acquisition engine
Korving-F/Azure-Sentinel
Cloud-native SIEM for intelligent security analytics for your entire enterprise.
Korving-F/BloodHound
Six Degrees of Domain Admin
Korving-F/certstream-python
Python library for connecting to CertStream
Korving-F/certstream-server
Certificate Transparency Log aggregation, parsing, and streaming service written in Elixir
Korving-F/DefenderCheck
Identifies the bytes that Microsoft Defender flags on.
Korving-F/FalconFriday
Hunting queries and detections
Korving-F/family-of-client-ids-research
Research into Undocumented Behavior of Azure AD Refresh Tokens
Korving-F/file-extension-list
Organised collection of common file extensions
Korving-F/gifcast
🎞️ Converts an asciinema cast to an animated GIF.
Korving-F/godoh
🕳 godoh - A DNS-over-HTTPS C2
Korving-F/Hunting-Queries-Detection-Rules
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
Korving-F/jarm
Korving-F/LOOBins
Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" macOS binaries and how they can be used by threat actors for malicious purposes.
Korving-F/MDATP_PoSh_Scripts
Korving-F/msticpy
Microsoft Threat Intelligence Security Tools
Korving-F/osquery
SQL powered operating system instrumentation, monitoring, and analytics.
Korving-F/packer
Packer is a tool for creating identical machine images for multiple platforms from a single source configuration.
Korving-F/Process-Hollowing
Great explanation of Process Hollowing (a Technique often used in Malware)
Korving-F/RMML
A list of RMMs designed to be used in automation to build alerts
Korving-F/sandbox-attacksurface-analysis-tools
Set of tools to analyze Windows sandboxes for exposed attack surface.
Korving-F/Security-Datasets
Re-play Security Events
Korving-F/serviceDetector
Detect whether a service is installed (blindly) and/or running (if exposing named pipes) on a remote machine without using local admin privileges.
Korving-F/sigma
Main Rule Repository
Korving-F/Snaffler
a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )
Korving-F/sysmon-modular
A repository of sysmon configuration modules
Korving-F/Training-MSOfficeOffensiveTradecraft
Info related to the Outflank training: Microsoft Office Offensive Tradecraft
Korving-F/windows-domain-controller-vagrant
Example Windows Domain Controller