Pinned Repositories
APTSimulator
A toolset to make a system look as if it was the victim of an APT attack
auditd-attack
A Linux auditd rule set mapped to MITRE's ATT&CK framework
FuzzySysmon
My sysmon config I use for testing purposes
mac4n6
Collection of forensic artifact locations for Mac OS X and iOS
OSSEM
Open Source Security Events Metadata (OSSEM)
threat_hunting_tables
Threat hunting notes in flat file format and mapped to MITRE's ATT&CK IDs
ThreatHunter-Playbook
A threat hunter's playbook to aid the development of techniques and hypotheses for hunting campaigns.
threathunting-spl
Splunk code (SPL) useful for serious threat hunters.
Windows-Hunting
Windows_Baselines
Windows Baselines
bfuzzy's Repositories
bfuzzy/auditd-attack
A Linux auditd rule set mapped to MITRE's ATT&CK framework
bfuzzy/ThreatHunter-Playbook
A threat hunter's playbook to aid the development of techniques and hypotheses for hunting campaigns.
bfuzzy/FuzzySysmon
My sysmon config I use for testing purposes
bfuzzy/mac4n6
Collection of forensic artifact locations for Mac OS X and iOS
bfuzzy/OSSEM
Open Source Security Events Metadata (OSSEM)
bfuzzy/threat_hunting_tables
Threat hunting notes in flat file format and mapped to MITRE's ATT&CK IDs
bfuzzy/threathunting-spl
Splunk code (SPL) useful for serious threat hunters.
bfuzzy/Windows-Hunting
bfuzzy/Windows_Baselines
Windows Baselines
bfuzzy/APTSimulator
A toolset to make a system look as if it was the victim of an APT attack
bfuzzy/crave
Framework to automatically test and explore the capabilities of generic AV engines
bfuzzy/docker-bro
Bro IDS Dockerfile
bfuzzy/Grouper
A PowerShell script for helping to find vulnerable settings in AD Group Policy.
bfuzzy/HELK
The Hunting ELK
bfuzzy/PowerLessShell
Run PowerShell command without invoking powershell.exe
bfuzzy/PowerShell-Suite
My musings with PowerShell
bfuzzy/PyPowerShellXray
Python script to decode common encoded PowerShell scripts
bfuzzy/search-guard
Search Guard is an Open Source Elasticsearch plugin that offers encryption, authentication, and authorisation.
bfuzzy/Security-Data-Analysis
A series of labs that will help users apply various data science techniques to security related data.
bfuzzy/Skadi
Collect, process, and hunt with host-based data from macOS, Windows, and Linux
bfuzzy/SOC_Stuff
bfuzzy/sRDI
Shellcode implementation of Reflective DLL Injection. Converts DLLs to position-independent shellcode
bfuzzy/sysmon-modular
A repository of sysmon configuration modules
bfuzzy/Threat-Hunty-Stuff
Random Threat Hunting Stuff
bfuzzy/Vega_Sankey
Vega Sankey
bfuzzy/whids
bfuzzy/WinLogsZero2Hero
This repository accompanies Adam Swan's and my presentation, Windows Logs Zero 2 Hero.