apexxor's Stars
secengjeff/awskillswitch
Lambda function that streamlines containment of an AWS account compromise
cyb3rmik3/Hunting-Lists
A repository of curated lists with elements such as IoCs to use for threat hunting & detection queries.
SnaffCon/Snaffler
a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )
bluecapesecurity/PWF
Practical Windows Forensics Training
Snausage0x45/KapeStrike
Automate forensic triage package collection and evidence parsing with KAPE and CrowdStrike
Neo23x0/god-mode-rules
God Mode Detection Rules
itm4n/PrivescCheck
Privilege Escalation Enumeration Script for Windows
aws/aws-security-services-best-practices
YARAHQ/yara-forge
Automated YARA Rule Standardization and Quality Assurance Tool
magicsword-io/sigconverter.io
An open-source Sigma conversion tool built using pySigma
magicsword-io/bootloaders
bootloaders.io is a curated list of known malicious bootloaders for various operating systems. The project aims to assist security professionals in staying informed and mitigating potential threats associated with bootloaders.
magicsword-io/LOLDrivers
Living Off The Land Drivers
Micke-K/IntuneManagement
Copy, export, import, delete, document and compare policies and profiles in Intune and Azure with PowerShell script and WPF UI. Import ADMX files and registry settings with ADMX ingestion. View and edit PowerShell script.
tuckner/automation-capability-matrix
A tool that allows you to document and assess any security automation in your SOC
secure-cake/rapid-endpoint-investigations
Scripts for rapid Windows endpoint "tactical triage" and investigations with Velociraptor and KAPE
BloodHoundAD/AzureHound
Azure Data Exporter for BloodHound
LivingInSyn/RMML
A list of RMMs designed to be used in automation to build alerts
BushidoUK/Breach-Report-Collection
A collection of companies that disclose adversary TTPs after they have been breached
AirbusProtect/AD-Canaries
The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory Canary objects.
0x90n/InfoSec-Black-Friday
All the deals for InfoSec related software/tools this Black Friday
muchdogesec/awesome_threat_intel_blogs
A curated list of Awesome Threat Intelligence Blogs from the DOGESEC community.
lawndoc/AdvancedHuntingQueries
Microsoft 365 Advanced Hunting Queries with hotlinks that plug the query right into your tenant
MHaggis/notes
Full of public notes and Utilities
Neo23x0/LOLSecIssues
Cybersecurity's lighter side: a collection of the most amusing misunderstandings and missteps from newcomers to offensive security tools. A repository where naiveté in infosec is met with humor.
dafthack/GraphRunner
A Post-exploitation Toolset for Interacting with the Microsoft Graph API
jakob-source/falcon-crowdstrike
A collection of searches, interesting events and tables on Crowdstrike Splunk.
freeload101/SCRIPTS
freeload101/CrowdStrike_RTR_Powershell_Scripts
CrowdStrike/psfalcon
PowerShell for CrowdStrike's OAuth2 APIs
pe3zx/crowdstrike-falcon-queries
A collection of Splunk's Search Processing Language (SPL) for Threat Hunting with CrowdStrike Falcon