MHaggis

@Splunk

Pinned Repositories

app_splunk_sysmon_hunter
Splunk App to assist Sysmon Threat Hunting
38 7 07
ASRGEN
ASR Configurator, Essentials and Atomic Testing
Language:Python30 2 04
bookish-happiness
OG Atomic Red Team
28 7 06
CBR-Queries
Collection of useful, up to date, Carbon Black Response Queries
82 12 021
hunt-detect-prevent
Lists of sources and utilities utilized to hunt, detect and prevent evildoers.
Language:PowerShell156 23 144
notes
Full of public notes and Utilities
Language:HTML77 7 011
ShellSweep
ShellSweeping the evil.
Language:PowerShell49 5 06
sysmon-dfir
Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.
893 114 2186
sysmon-splunk-app
Sysmon Splunk App
45 14 916

MHaggis's Repositories

MHaggis/sysmon-dfir
Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.
893 114 2186
MHaggis/CBR-Queries
Collection of useful, up to date, Carbon Black Response Queries
82 12 021
MHaggis/notes
Full of public notes and Utilities
Language:HTML77 7 011
MHaggis/ShellSweep
ShellSweeping the evil.
Language:PowerShell49 5 06
MHaggis/ASRGEN
ASR Configurator, Essentials and Atomic Testing
Language:Python30 2 04
MHaggis/sigZap
SigZap is a Streamlit application designed to facilitate the search across multiple network signature sets at once.
Language:Python4 2 0
MHaggis/AppLockerGen
AppLocker Policy Generator
Language:Python3
MHaggis/UltimateAppLockerByPassList
The goal of this repository is to document the most common techniques to bypass AppLocker.
Language:PowerShell3 2 0
MHaggis/atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
Language:PowerShell2 3 0
MHaggis/amsi-tracer
Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) passed into AMSI during dynamic execution.
Language:C++1 3 0
MHaggis/attack_range
A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk
Language:HTML1 2 01
MHaggis/LLM
LLM tools and toys
Language:Python1 2 0
MHaggis/MHaggis
1 2 0
MHaggis/tomcat-jmxproxy-rce-exp
Apache Tomcat JMXProxy RCE
Language:Go1 1 0
MHaggis/AtomicLua
A combination of OffensiveLua and Learning Lua - By Defenders, for Defenders
Language:C
MHaggis/AtomicTestHarnesses
Public Repo for Atomic Test Harness
Language:PowerShell2 0
MHaggis/attack_range_local
Build a attack range in your local machine
Language:HTML2 0
MHaggis/BlackLotus
BlackLotus UEFI Windows Bootkit
Language:C1 0
MHaggis/CVE-2024-4040
Scanner for CVE-2024-4040
Language:Python
MHaggis/DrvLoader
A post exploitation utility for loading signed kernel drivers using both the undocumented NtLoadDriver function and by directly interfacing with the Windows Service Control Manager (SCM)
Language:C++1 0
MHaggis/gdrv-loader
Kernel driver loader using vulnerable gigabyte driver (https://www.secureauth.com/labs/advisories/gigabyte-drivers-elevation-privilege-vulnerabilities) to load a unsigned driver
Language:C1 0
MHaggis/grab_beacon_config
Language:Lua2 0
MHaggis/HackerArt
A collection of art inspired by the world of cybersecurity and hacking culture.
Language:HTML1 0
MHaggis/HVCI-loldrivers-check
Language:PowerShell1 0
MHaggis/InstallerFileTakeOver
Language:C++2 01
MHaggis/Invoke-PrintDemon
Language:PowerShell2 0
MHaggis/mockbin
Mock, Test & Track HTTP Requests and Response for Microservices
Language:JavaScript1 0
MHaggis/sigma
Generic Signature Format for SIEM Systems
Language:Python1 0
MHaggis/signature-base
YARA signature and IOC database for my scanners and tools
Language:YARA1 0
MHaggis/SnakeMalware
Scripts and References for Snake Malware
Language:PowerShell2 0