gh0stpwn's Stars
amjcyber/EDRNoiseMaker
Detect WFP filters blocking EDR communications
netero1010/EDRSilencer
A tool that uses the Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
CrowdStrike/VirtualGHOST
VirtualGHOST Detection Tool
0xNinjaCyclone/hellMaker
Generate FUD backdoors
rod-trent/Copilot-for-Security
My personal work with Copilot for Security
CyberSecurityUP/OSCP-Survival-Guide
rkhal101/Hack-the-Box-OSCP-Preparation
Hack-the-Box-OSCP-Preparation
Cyber-Junk/OSCP-Preparation-Guide
It is a compilation of some resources for preparing for OSCP.
rodolfomarianocy/OSCP-Tricks-2023
OSCP 2023 Preparation Guide | Courses, Tricks, Tutorials, Exercises, Machines
security-prince/PWK-OSCP-Preparation-Roadmap
Roadmap for preparing for OSCP; anyone is free to use this, and feedback and contributions are welcome
RihaMaheshwari/OSCP-Preparation-Material
All in One OSCP Preparation Material
0x4D31/awesome-oscp
A curated list of awesome OSCP resources
kgretzky/evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
Azure/Stormspotter
Azure Red Team tool for graphing Azure and Azure Active Directory objects
Bert-JanP/Sentinel-Queries
Collection of KQL queries
Bert-JanP/AzSentinelQueries
Repository with Sentinel Analytics Rules and Hunting Queries
Bert-JanP/Open-Source-Threat-Intel-Feeds
This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple types such as IP, URL, CVE and Hash.
Bert-JanP/Hunting-Queries-Detection-Rules
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
Azure/Azure-Sentinel
Cloud-native SIEM for intelligent security analytics for your entire enterprise.
elastic/detection-rules
LearningKijo/SecurityResearcher-Note
Covers various security approaches to attack techniques and also provides new discoveries about security breaches.
mandiant/commando-vm
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com
infosecB/awesome-detection-engineering
Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying malicious or unauthorized activity before it negatively impacts an individual or an organization.
reprise99/kql-for-dfir
A guide to using Azure Data Explorer and KQL for DFIR
reprise99/awesome-kql-sentinel
A curated list of blogs, videos, tutorials, queries and anything else valuable to help you learn and master KQL and Microsoft Sentinel
reprise99/Sentinel-Queries
Collection of KQL queries
facebook/threat-research
Welcome to the Meta Threat Research Indicator Repository, a dedicated resource for the sharing of Indicators of Compromise (IOCs) and other threat indicators with the external research community
AzureAD/Azure-AD-Incident-Response-PowerShell-Module
The Azure Active Directory Incident Response PowerShell module provides a number of tools, developed by the Azure Active Directory Product Group in conjunction with the Microsoft Detection and Response Team (DART), to assist in compromise response.
microsoft/msticpy
Microsoft Threat Intelligence Security Tools
elastic/protections-artifacts
Elastic Security detection content for Endpoint