Pinned Repositories
awesome-event-ids
Collection of Windows Event ID resources useful for Digital Forensics and Incident Response
awesome-incident-response
A curated list of tools for incident response
AzSentinelQueries
Repository with Sentinel Analytics Rules and Hunting Queries
Azure-Sentinel
Cloud-native SIEM for intelligent security analytics for your entire enterprise.
BlueTeam-Tools
Tools and Techniques for Blue Team / Incident Response
CB-Threat-Hunting
Copilot-For-Security
Microsoft Copilot for Security is a generative AI-powered security solution that helps increase the efficiency and capabilities of defenders to improve security outcomes at machine speed and scale, while remaining compliant with responsible AI principles
CRT
Contact: CRT@crowdstrike.com
CVE-2021-40444
CVE-2021-40444 PoC
CVE-2024-22024
Check for CVE-2024-22024 vulnerability in Ivanti Connect Secure
bonusland's Repositories
bonusland/awesome-incident-response
A curated list of tools for incident response
bonusland/AzSentinelQueries
Repository with Sentinel Analytics Rules and Hunting Queries
bonusland/Azure-Sentinel
Cloud-native SIEM for intelligent security analytics for your entire enterprise.
bonusland/BlueTeam-Tools
Tools and Techniques for Blue Team / Incident Response
bonusland/Copilot-For-Security
Microsoft Copilot for Security is a generative AI-powered security solution that helps increase the efficiency and capabilities of defenders to improve security outcomes at machine speed and scale, while remaining compliant with responsible AI principles
bonusland/CVE-2024-22024
Check for CVE-2024-22024 vulnerability in Ivanti Connect Secure
bonusland/EDR-Telemetry
This project aims to compare and evaluate the telemetry of various EDR products.
bonusland/evilgophish
evilginx3 + gophish
bonusland/Incident-Playbook
Incident Response Process and Playbooks | Goal: Playbooks to be Mapped to MITRE ATT&CK Techniques
bonusland/Incident-Response-Powershell
PowerShell Digital Forensics & Incident Response Scripts.
bonusland/IntuneWin32Deployer
Create and deploy winget and chocolatey (win32) apps to Intune with one click!
bonusland/ITDR
Collection of Microsoft Identity Threat Detection and Response resources.
bonusland/jupyter-collection
Collection of Jupyter Notebooks by @fr0gger_
bonusland/karma
API pwndb
bonusland/KQL-Use-Cases
Threat hunting queries for Microsoft 365 Defender / Defender XDR. Provides out-of-the-box KQL hunting queries covering App, Email, Identity and Endpoint.
bonusland/Live-Forensicator
PowerShell Script to aid Incident Response and Live Forensics | Bash Script for macOS Live Forensics and Incident Response
bonusland/Microsoft-Activation-Scripts
A Windows and Office activator using HWID / Ohook / KMS38 / Online KMS activation methods, with a focus on open-source code and fewer antivirus detections.
bonusland/MS-Defender-4-xOPS
bonusland/mysite
bonusland/netlas-cookbook
The goal of this guide is very simple - to teach anyone interested in cyber security, regardless of their knowledge level, how to make the most of Netlas.io.
bonusland/OSCP-Tricks-2023
OSCP 2023 Preparation Guide | Courses, Tricks, Tutorials, Exercises, Machines
bonusland/Playbooks
Playbooks for SOC Analysts
bonusland/playbooks-main
bonusland/PSSW100AVB
A list of useful PowerShell scripts with 100% AV bypass (at the time of publication).
bonusland/Public-Playbooks
bonusland/PurpleOps
An open-source self-hosted purple team management web application.
bonusland/Pyramid
A tool to help operate in EDRs' blind spots
bonusland/SecurityResearcher-Note
Covers various security approaches to attack techniques and also provides new discoveries about security breaches.
bonusland/SentinelKQL
Azure Sentinel KQL from rod-trent
bonusland/usbrubberducky-payloads
The Official USB Rubber Ducky Payload Repository