System-CTL
Threat Hunter, Incident Responder, DFIR Engineer, Malware Analyst
@Gulf Power Alliance Mannai Qatar
Pinned Repositories
Alient-Vault-Feed
OTX AKA Alient Vault Threat feed is crucial for mapping IOCs in reference set or endpoint to detect newly compromise threats in your enviroment .
CEH_CHEAT_SHEET
CEH Practical Exam
Cortex-XDR-Api-Call---Customize-Website
Call XDR Cortex API to fetch customize data and display it to customize web page according to requirements .
Dataset
Geo-ip-location
Track IP information.
Get-Exploits
My mentor tells me about his journey of OSCP and one python script that helps him alot . The script is about enumerate the target services with NMAP then get exploits of each enumerated service from searchsploit . The whole process done by few lines of Bash script.
Machine-Learning-Based-Malware-Scanner
Malware Scanner based on the binary classification as the dataset is classify into two classes (Clean ,Malware) exe data . The dataset contain portable excutable(PE) header features which have malicious and clean features values in CSV file. The scanner declare the executable as malicious on the basis of its some malicious header features . After trained the model we deployed the ML model on the WEB APP and DESKTOP APP which have multiple scanning options
Malicious-IANA-Ports
Checking open port of TCP(User Ports range from 1024 to 49770) of computer with malicious ports dataset released by IANA . IANA(Internet Assigned Numbers Authority) is a standards organization that oversees global IP address allocation, autonomous system number allocation, root zone management in the Domain Name System, media types, and other Internet Protocol-related symbols and Internet numbers.
Malware-DataSet
Static Behaviors of headers files of windows exe and .dll
MITRE
MITRE ATT&CK® is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations.
System-CTL's Repositories
System-CTL/CEH_CHEAT_SHEET
CEH Practical Exam
System-CTL/Malware-DataSet
Static Behaviors of headers files of windows exe and .dll
System-CTL/Alient-Vault-Feed
OTX AKA Alient Vault Threat feed is crucial for mapping IOCs in reference set or endpoint to detect newly compromise threats in your enviroment .
System-CTL/Cortex-XDR-Api-Call---Customize-Website
Call XDR Cortex API to fetch customize data and display it to customize web page according to requirements .
System-CTL/Dataset
System-CTL/Geo-ip-location
Track IP information.
System-CTL/Get-Exploits
My mentor tells me about his journey of OSCP and one python script that helps him alot . The script is about enumerate the target services with NMAP then get exploits of each enumerated service from searchsploit . The whole process done by few lines of Bash script.
System-CTL/Machine-Learning-Based-Malware-Scanner
Malware Scanner based on the binary classification as the dataset is classify into two classes (Clean ,Malware) exe data . The dataset contain portable excutable(PE) header features which have malicious and clean features values in CSV file. The scanner declare the executable as malicious on the basis of its some malicious header features . After trained the model we deployed the ML model on the WEB APP and DESKTOP APP which have multiple scanning options
System-CTL/Malicious-IANA-Ports
Checking open port of TCP(User Ports range from 1024 to 49770) of computer with malicious ports dataset released by IANA . IANA(Internet Assigned Numbers Authority) is a standards organization that oversees global IP address allocation, autonomous system number allocation, root zone management in the Domain Name System, media types, and other Internet Protocol-related symbols and Internet numbers.
System-CTL/MITRE
MITRE ATT&CK® is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations.
System-CTL/Regex-For-Log-Files-In-Kali-Linux
System-CTL/Regexforlog4j-JNDI
SOC analyst work day and night for protecting the organization but sometimes we don't have the mechanism for protecing against particular threat like in life in some moment we were helpless but sun shine after storm. Yup log4j, i'm not a pro in wrtting regex but have some hands-on knowledge. For now, i have seen people wrtting long regex for SIEM solution and dumb guy like thinking how you did that but long is not always right ooh sorry, Means optimal solution could be achieved in matter of few words.
System-CTL/System-CTL
Config files for my GitHub profile.
System-CTL/Windows_Intrusion-Detection
The script based on NIST SP-800-61r2 detection phase which actually parse all the key artifacts by utilizing windows utilities.