Pinned Repositories
800-63-3
Home to public development of draft Special Publication 800-63-3: Digital Authentication Guidelines
actortrackr
Home to the ActorTrackr source code
Aftertale
ApiV2
Version 2 of the ThreatCrowd API
APTnotes
Various public documents, whitepapers and articles about APT campaigns
aquatone
A Tool for Domain Flyovers
artifacts
Digital Forensics Artifact Repository
attack-navigator
Web app that provides basic navigation and annotation of ATT&CK matrices
awesome
😎 Curated list of awesome lists
awesome-markdown
A collection of awesome markdown goodies (libraries, services, editors, tools, cheatsheets, etc.)
dfirgeek's Repositories
dfirgeek/kaitai_struct_webide
Online editor / visualizer for Kaitai Struct .ksy files
dfirgeek/data
APTnotes data
dfirgeek/ctf-tools
Some setup scripts for security research tools.
dfirgeek/rekall
Rekall Memory Forensic Framework
dfirgeek/exploitpack
Exploit Pack - Project
dfirgeek/ircapabilities
Incident Response Hierarchy of Needs
dfirgeek/Mirai-Source-Code
Leaked Mirai Source Code for Research/IoC Development Purposes
dfirgeek/rainbowstream
A smart and nice Twitter client on terminal written in Python.
dfirgeek/SSMA
SSMA - Simple Static Malware Analyzer
dfirgeek/Docker-PowerShell
PowerShell Module for Docker
dfirgeek/misp-workbench
MISP Workbench
dfirgeek/malusb
Malicious USB
dfirgeek/bulk_extractor
This is the development tree. For downloads please see:
dfirgeek/sticky_keys_hunter
A script to test an RDP host for sticky keys and utilman backdoor.
dfirgeek/twitter-exporter
Export twitter neighborhoods to a format that is easily ingested by the DSE Graph Loader
dfirgeek/ibmxforceex.checker.py
Python based client for IBM XForce Exchange
dfirgeek/cryptam_tools
Cryptam document malware analysis tools
dfirgeek/dfirgeek.github.io
test
dfirgeek/test
initialize
dfirgeek/bro-scripts
Various Bro scripts
dfirgeek/iocs
FireEye Publicly Shared Indicators of Compromise (IOCs)
dfirgeek/multiav
MultiAV scanner with Python and JSON API
dfirgeek/threataggregator
Aggregates security threats from a number of online sources, and outputs to Syslog CEF, Snort Signatures, Iptables rules, hosts.deny, etc.
dfirgeek/goatrider
GoatRider is a simple tool that will dynamically pull down Artillery Threat Intelligence Feeds, TOR, AlienVaults OTX, and the Alexa top 1 million websites and do a comparison to a hostname file or IP file.
dfirgeek/harbinger
Harbinger Threat Intelligence
dfirgeek/bro-intel-generator
Script for generating Bro intel files from pdf or html reports
dfirgeek/tiq-test
Threat Intelligence Quotient Test - Dataviz and Statistical Analysis of TI feeds
dfirgeek/Tools
Tools from WFA 4/e, timeline tools, etc.
dfirgeek/DemonHunter_Exploitkit
Source code to the Malicious Demon Hunter Exploit Kit
dfirgeek/elasticsearch-gmail
Index your Gmail Inbox with Elasticsearch