billy-sec

billy-sec's Stars

• opencybersecurityalliance/kestrel-lang

  Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel.

  Language:Python28449

• Te-k/cobaltstrike

  Code and yara rules to detect and analyze Cobalt Strike

  Language:Python26158

• mandiant/sunburst_countermeasures

  Language:YARA560199

• mandiant/red_team_tool_countermeasures

  Language:YARA2.6k847

• TCM-Course-Resources/Windows-Privilege-Escalation-Resources

  Compilation of Resources from TCM's Windows Priv Esc Udemy Course

  667227

• TCM-Course-Resources/Open-Source-Intellingence-Resources

  Compilation of Resources from TCM's OSINT Course

  Language:Shell839239

• intelowlproject/IntelOwl

  IntelOwl: manage your Threat Intelligence at scale

  Language:Python3.2k400

• meirwah/awesome-incident-response

  A curated list of tools for incident response

  7.4k1.5k

• fabacab/awesome-cybersecurity-blueteam

  :computer:🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.

  4.2k667

• swisskyrepo/PayloadsAllTheThings

  A list of useful payloads and bypass for Web Application Security and Pentest/CTF

  Language:Python58.5k14.2k

• OTRF/OSSEM-CDM

  OSSEM Common Data Model

  5415

• jthuraisamy/TelemetrySourcerer

  Enumerate and disable common sources of telemetry used by AV/EDR.

  Language:C++743123

• palantir/alerting-detection-strategy-framework

  A framework for developing alerting and detection strategies for incident response.

  638116

• SigmaHQ/sigma

  Main Sigma Rule Repository

  Language:Python7.9k2.1k

• freeload101/SCRIPTS

  Language:PowerShell14037

• OlivierLaflamme/Cheatsheet-God

  Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

  4.8k1.2k

• BC-SECURITY/Empire

  Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.

  Language:PowerShell4.1k565

• ignis-sec/Pwdb-Public

  A collection of all the data i could extract from 1 billion leaked credentials from internet.

  3k399

• olafhartong/sysmon-modular

  A repository of sysmon configuration modules

  Language:PowerShell2.6k575

• mvelazc0/PurpleSharp

  PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monitored Windows environments

  Language:C#754104

• jsecurity101/Detecting-Process-Injection-Techniques

  This is a repository that is meant to hold detections for various process injection techniques.

  Language:Jupyter Notebook3110

• atc-project/atomic-threat-coverage

  Actionable analytics designed to combat threats

  Language:Python951158

• certsocietegenerale/fame

  FAME Automates Malware Evaluation

  Language:Python842171

• TheHive-Project/TheHiveDocs

  Documentation of TheHive

  394281

• dfirtrack/dfirtrack

  DFIRTrack - The Incident Response Tracking Application

  Language:Python47276

• tillson/git-hound

  Reconnaissance tool for GitHub code search. Scans for exposed API keys across all of GitHub, not just known repos and orgs.

  Language:Go1.1k174

• 21y4d/nmapAutomator

  A script that you can run in the background!

  Language:Shell2.6k780

• trimstray/the-book-of-secret-knowledge

  A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.

  138k9.2k

• sans-blue-team/blue-team-wiki

  Tools, techniques, cheat sheets, and other resources to assist those defending organizations and detecting adversaries

  Language:HTML43571

• mandiant/flare-vm

  A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

  Language:PowerShell6.2k885