ascivv's Stars
Silv3rHorn/evtx2json
evtx2json extracts events of interest from event logs, dedups them, and exports them to json.
activecm/rita-legacy
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
mitre-attack/attack-navigator
Web app that provides basic navigation and annotation of ATT&CK matrices
SwiftOnSecurity/sysmon-config
Sysmon configuration file template with default high-quality event tracing
SecurityRiskAdvisors/VECTR
VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios
alphasoc/flightsim
A utility to safely generate malicious network traffic patterns and evaluate controls.
redcanaryco/atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
sans-blue-team/freq.py
Mark Baggett's (@MarkBaggett - GSE #15, SANS SEC573 Author) tool for detecting randomness using NLP techniques rather than pure entropy calculations. Uses character pair frequency analysis to determine the likelihood of tested strings of characters occurring.
sans-blue-team/DeepBlueCLI
davehull/Kansa
A PowerShell incident response framework
bwya77/O365HTMLReport
Create an interactive HTML report for Office 365 using PowerShell