alwashali

DFIR | Intel | Detection

Berlin, Germany

Pinned Repositories

CTFd-Downloader
Download all CTFd challenges and files offline
Language:Python2 1 00
detection-validation
Detection rule validation
Language:Go41 1 35
forward-bash-history-to-syslog
Forward Bash History to Syslog Server
Language:Shell8 1 00
gRPC-Remote-Traffic-Capture
Remote trafffic caputre using GRPC and golang
Language:Go3 1 00
jitterg
Generate C2 dataset with custom jitter
Language:Go3 1 02
LogRhythmOne
Controle Multiple LogRhythm SIEMs Alert and Cases from a Single API
Language:Go7 1 02
Microsoft-Defender-Alert-API-Integration
Microsoft Defender Alert API Integration
Language:Go6 1 02
persistence_diff
Diff Defender Persistence Locations
Language:Python10 1 00
Qradar-Offenses-Jupyter-Notebook
Analyze Qradar Offense Using Jupyter Notebook
Language:Jupyter Notebook3 3 00
yaa
yaa - yaml search for humans
Language:Go12 1 01

alwashali's Repositories

alwashali/detection-validation
Detection rule validation
Language:Go41 1 35
alwashali/yaa
yaa - yaml search for humans
Language:Go12 1 01
alwashali/persistence_diff
Diff Defender Persistence Locations
Language:Python10 1 00
alwashali/forward-bash-history-to-syslog
Forward Bash History to Syslog Server
Language:Shell8 1 00
alwashali/LogRhythmOne
Controle Multiple LogRhythm SIEMs Alert and Cases from a Single API
Language:Go7 1 02
alwashali/Microsoft-Defender-Alert-API-Integration
Microsoft Defender Alert API Integration
Language:Go6 1 02
alwashali/gRPC-Remote-Traffic-Capture
Remote trafffic caputre using GRPC and golang
Language:Go3 1 00
alwashali/jitterg
Generate C2 dataset with custom jitter
Language:Go3 1 02
alwashali/Qradar-Offenses-Jupyter-Notebook
Analyze Qradar Offense Using Jupyter Notebook
Language:Jupyter Notebook3 3 00
alwashali/Loki-Notebook
Loki Jupyter Notebook
Language:Jupyter Notebook1 1 00
alwashali/Malware-Traffic-Analysis-Zeek-Dataset
Zeek logs of all malware-traffic-analysis.net PCAPs from 2013 to 08-2021
10
alwashali/detection-rules
Rules for Elastic Security's detection engine
Language:Python0 0
alwashali/EDR-Telemetry
This project aims to compare and evaluate the telemetry of various EDR products.
Language:PowerShell0 0
alwashali/elephant
Cache like elephant
Language:Go1 0
alwashali/gologrhythm
Go API Client for LogRhythm SIEM
Language:Go1 0
alwashali/Graph-API
Test Microsoft Graph API Endpoints
Language:Go
alwashali/hackdefend.github.io
Language:HTML0 0
alwashali/Hood-session-labs-
Language:Go
alwashali/jekyll-now
Build a Jekyll blog in minutes, without touching the command line.
Language:CSS0 0
alwashali/library
Collection of original report and metadata files that are used by ORKL
Language:Go0 0
alwashali/LogRhythm-Smart-Response-Webhook-Plugin
Sending alarm id to a webhook as a trigger to initiate a workflow
Language:PowerShell1 0
alwashali/nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
0 0
alwashali/secure-golang-coding-workshop
Demo app to demonstrate security mechanism implementations
Language:Go1 0
alwashali/Security-Operaiton-Threat-Hunting-workshop-slides
1 0
alwashali/sigma
Generic Signature Format for SIEM Systems
Language:Python0 0
alwashali/SimpleGoHTTPServer
Language:Go1 0
alwashali/Splunk-Workshop-Slides
1 0
alwashali/sysmon-modular
A repository of sysmon configuration modules
Language:PowerShell0 0
alwashali/Useful-IR-Commands
Useful Powershell commands I use during IR triage
1 0
alwashali/velociraptor
Digging Deeper....