bitsTyrant's Stars
imrk51/hacking-books
Book collection
2dust/v2rayN
A GUI client for Windows, Linux and macOS that supports Xray core, sing-box-core and others
XTLS/Xray-core
Xray, Penetrates Everything. Also the best v2ray-core, with XTLS support. Fully compatible configuration.
redcanaryco/AtomicTestHarnesses
Public Repo for Atomic Test Harness
hfiref0x/UACME
Defeating Windows User Account Control
redcanaryco/invoke-atomicredteam
Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder](https://github.com/redcanaryco/atomic-red-team/tree/master/atomics) of Red Canary's Atomic Red Team project.
OpenSOC/opensoc-streaming
Extensible set of Storm topologies and topology attributes for streaming, enriching, indexing, and storing telemetry in Hadoop.
OpenSOC/opensoc
OpenSOC Apache Hadoop Code
TonyPhipps/SIEM
SIEM Tactics, Techniques, and Procedures
endgameinc/eql
MISP/MISP
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
SigmaHQ/sigma-specification
Sigma rule specification
snort3/snort3
Snort++
center-for-threat-informed-defense/tram
TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE ATT&CK®.
vmware-labs/telemetry-peak-analyzer
The telemetry peak analyzer handles time series and detects relevant peaks or anomalies in threat telemetry data.
vmware-labs/efficient-supervised-anomaly-detection
RADE is a resource-efficient decision tree ensemble method (DTEM) based anomaly detection approach that augments standard DTEM classifiers resulting in competitive anomaly detection capabilities and significant savings in resource usage.
vmware-labs/attack-surface-framework
Tool to discover external and internal network attack surface
center-for-threat-informed-defense/attack-flow
Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.
OpenCTI-Platform/opencti
Open Cyber Threat Intelligence Platform
mitre-attack/attack-datasources
This content is analysis and research of the data sources currently listed in ATT&CK.
MuhammadYaseenKhan/Longman-Communication
This repository shares the Longman Communication 3000 and 9000 words in simple txt and JSON formats.
activecm/rita-legacy
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
OTRF/detection-hackathon-apt29
Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets
darpa-i2o/Transparent-Computing
Material from the DARPA Transparent Computing Program
alphaSeclab/awesome-rat
RAT And C&C Resources. 250+ Open Source Projects, 1200+ RAT/C&C blog/video.
francasino/traffic_analysis
A set of methods to enable traffic classification using randomness tests. We also add an automated database creation algorithm.
iputils/iputils
The iputils package is a set of small old utilities for Linux networking.
IncideDigital/Mistica
An open source swiss army knife for arbitrary communication over application protocols
aleenzz/Cobalt_Strike_wiki
Cobalt Strike series
killswitch-GUI/CobaltStrike-ToolKit
Some useful scripts for CobaltStrike