bfuzzy

Pinned Repositories

APTSimulator
A toolset to make a system look as if it was the victim of an APT attack
Language:Batchfile0 2 00
auditd-attack
A Linux Auditd rule set mapped to MITRE's Attack Framework
774 62 4131
FuzzySysmon
My sysmon config I use for testing purposes
1 2 00
mac4n6
Collection of forensics artifacs location for Mac OS X and iOS
Language:Python1 2 00
OSSEM
Open Source Security Events Metadata (OSSEM)
1 2 00
threat_hunting_tables
Theat hunting notes in flat file format and mapped to MITRE's ATT&CK IDs
1 2 00
ThreatHunter-Playbook
A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.
14 7 05
threathunting-spl
Splunk code (SPL) useful for serious threat hunters.
1 3 00
Windows-Hunting
1 2 00
Windows_Baselines
Windows Baselines
1 2 00

bfuzzy's Repositories

bfuzzy/auditd-attack
A Linux Auditd rule set mapped to MITRE's Attack Framework
774 62 4131
bfuzzy/ThreatHunter-Playbook
A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.
14 7 05
bfuzzy/FuzzySysmon
My sysmon config I use for testing purposes
1 2 00
bfuzzy/mac4n6
Collection of forensics artifacs location for Mac OS X and iOS
Language:Python1 2 00
bfuzzy/OSSEM
Open Source Security Events Metadata (OSSEM)
1 2 00
bfuzzy/threat_hunting_tables
Theat hunting notes in flat file format and mapped to MITRE's ATT&CK IDs
1 2 00
bfuzzy/threathunting-spl
Splunk code (SPL) useful for serious threat hunters.
1 3 00
bfuzzy/Windows-Hunting
1 2 00
bfuzzy/Windows_Baselines
Windows Baselines
1 2 00
bfuzzy/APTSimulator
A toolset to make a system look as if it was the victim of an APT attack
Language:Batchfile0 2 00
bfuzzy/crave
Framework to automatically test and explore the capabilities of generic AV engines
Language:Python2 0
bfuzzy/docker-bro
Bro IDS Dockerfile
Language:Bro2 0
bfuzzy/Grouper
A PowerShell script for helping to find vulnerable settings in AD Group Policy.
Language:PowerShell2 0
bfuzzy/HELK
The Hunting ELK
Language:Shell2 0
bfuzzy/PowerLessShell
Run PowerShell command without invoking powershell.exe
Language:Python2 0
bfuzzy/PowerShell-Suite
My musings with PowerShell
Language:PowerShell2 0
bfuzzy/PyPowerShellXray
Python script to decode common encoded PowerShell scripts
Language:Python2 0
bfuzzy/search-guard
Search Guard is an Open Source Elasticsearch plugin that offers encryption, authentication, and authorisation.
Language:Java2 0
bfuzzy/Security-Data-Analysis
A series of labs that will help users apply various data science techniques to security related data.
Language:Jupyter Notebook2 0
bfuzzy/Skadi
Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux
Language:Shell2 0
bfuzzy/SOC_Stuff
2 0
bfuzzy/sRDI
Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode
Language:Python2 0
bfuzzy/sysmon-modular
A repository of sysmon configuration modules
2 0
bfuzzy/Threat-Hunty-Stuff
Random Threat Hunting Stuff
2 0
bfuzzy/Vega_Sankey
Vega Sankey
2 0
bfuzzy/whids
Language:Go2 0
bfuzzy/WinLogsZero2Hero
This is a repository from Adam Swan and I's presentation on Windows Logs Zero 2 Hero.
Language:PowerShell2 0