Pinned Repositories
aleph
An Open Source Malware Analysis Pipeline System
api-samples
Sample code that uses QRadar APIs
atomic-threat-coverage
Actionable analytics designed to combat threats based on MITRE's ATT&CK.
awesome-incident-response
A curated list of tools for incident response
awesome-malware-analysis
A curated list of awesome malware analysis tools and resources
binent
Cross-platform entropy calculation script with filtering and custom-block size options.
ce1sus
ce1sus, a threat information database
dcept
A tool for deploying and detecting use of Active Directory honeytokens
derduffy
derduffy.github.io
derDuffy's Repositories
derDuffy/api-samples
Sample code that uses QRadar APIs
derDuffy/aleph
An Open Source Malware Analysis Pipeline System
derDuffy/atomic-threat-coverage
Actionable analytics designed to combat threats based on MITRE's ATT&CK.
derDuffy/awesome-incident-response
A curated list of tools for incident response
derDuffy/awesome-malware-analysis
A curated list of awesome malware analysis tools and resources
derDuffy/binent
Cross-platform entropy calculation script with filtering and custom-block size options.
derDuffy/ce1sus
ce1sus, a threat information database
derDuffy/dcept
A tool for deploying and detecting use of Active Directory honeytokens
derDuffy/DET
(extensible) Data Exfiltration Toolkit (DET)
derDuffy/dfirtriage
Digital forensic acquisition tool for Windows-based incident response.
derDuffy/FIR
Fast Incident Response
derDuffy/FireMISP
Stay tuned
derDuffy/flare-ida
IDA Pro utilities from FLARE team
derDuffy/HttpPwnly
"Repeater" style XSS post-exploitation tool for mass browser control. Primarily a PoC to show why HttpOnly flag isn't a complete protection against session hijacking via XSS
derDuffy/impacket
Impacket is a collection of Python classes for working with network protocols.
derDuffy/IRM
Incident Response Methodologies
derDuffy/kerberoast
derDuffy/Malware
Course materials for Malware Analysis by RPISEC
derDuffy/mimikittenz
A post-exploitation powershell tool for extracting juicy info from memory.
derDuffy/NorthKoreaDNSLeak
Snapshot of North Korea's DNS data taken from zone transfers.
derDuffy/PlagueScanner
Open source multiple AV scanner framework
derDuffy/PoCs
Proof of Concepts for CVE-2016-3714
derDuffy/Powershellery
This repo contains Powershell scripts used for general hackery.
derDuffy/signature-base
Signature base for my scanner tools
derDuffy/TheHive
TheHive: a Scalable, Open Source and Free Incident Response Platform
derDuffy/TheHive4py
Python API Client for TheHive
derDuffy/vagrant-elk-cluster
Create an ELK Cluster under Vagrant
derDuffy/VolUtility
Web App for Volatility framework
derDuffy/Windows-Hunting
derDuffy/yeti
YETI is a TAXII implementation