billy-sec's Stars
opencybersecurityalliance/kestrel-lang
Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel.
Te-k/cobaltstrike
Code and yara rules to detect and analyze Cobalt Strike
mandiant/sunburst_countermeasures
mandiant/red_team_tool_countermeasures
TCM-Course-Resources/Windows-Privilege-Escalation-Resources
Compilation of Resources from TCM's Windows Priv Esc Udemy Course
TCM-Course-Resources/Open-Source-Intellingence-Resources
Compilation of Resources from TCM's OSINT Course
intelowlproject/IntelOwl
IntelOwl: manage your Threat Intelligence at scale
meirwah/awesome-incident-response
A curated list of tools for incident response
fabacab/awesome-cybersecurity-blueteam
🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypasses for Web Application Security and Pentest/CTF
OTRF/OSSEM-CDM
OSSEM Common Data Model
jthuraisamy/TelemetrySourcerer
Enumerate and disable common sources of telemetry used by AV/EDR.
palantir/alerting-detection-strategy-framework
A framework for developing alerting and detection strategies for incident response.
SigmaHQ/sigma
Main Sigma Rule Repository
freeload101/SCRIPTS
OlivierLaflamme/Cheatsheet-God
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
BC-SECURITY/Empire
Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
ignis-sec/Pwdb-Public
A collection of all the data I could extract from 1 billion leaked credentials from the internet.
olafhartong/sysmon-modular
A repository of sysmon configuration modules
mvelazc0/PurpleSharp
PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monitored Windows environments
jsecurity101/Detecting-Process-Injection-Techniques
This is a repository that is meant to hold detections for various process injection techniques.
atc-project/atomic-threat-coverage
Actionable analytics designed to combat threats
certsocietegenerale/fame
FAME Automates Malware Evaluation
TheHive-Project/TheHiveDocs
Documentation of TheHive
dfirtrack/dfirtrack
DFIRTrack - The Incident Response Tracking Application
tillson/git-hound
Reconnaissance tool for GitHub code search. Scans for exposed API keys across all of GitHub, not just known repos and orgs.
21y4d/nmapAutomator
A script that you can run in the background!
trimstray/the-book-of-secret-knowledge
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
sans-blue-team/blue-team-wiki
Tools, techniques, cheat sheets, and other resources to assist those defending organizations and detecting adversaries
mandiant/flare-vm
A collection of software installation scripts for Windows systems that allows you to easily set up and maintain a reverse engineering environment on a VM.