gonzalomarcos's Stars
BushidoUK/Ransomware-Tool-Matrix
A resource containing all the tools each ransomware gang uses
neutrinoguy/awesome-ics-writeups
Collection of writeups on ICS/SCADA security.
pushsecurity/saas-attacks
Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown
mthcht/awesome-lists
Awesome Security lists for SOC/CERT/CTI
MythicAgents/Apollo
A .NET Framework 4.0 Windows Agent
jsecurity101/ETWInspector
p0dalirius/LDAPmonitor
Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration!
the2dl/SSDT
Stupid Simple Detection Testing
the2dl/detection-framework
A framework for developing alerting and detection strategies for incident response.
tsale/EDR-Telemetry
This project aims to compare and evaluate the telemetry of various EDR products.
dsnezhkov/shutter
Neo23x0/Talks
Slides of my public talks
center-for-threat-informed-defense/top-attack-techniques
Top ATT&CK Techniques helps defenders approach the breadth and complexity of MITRE ATT&CK® with a prioritized top 10 list of techniques to focus on first.
center-for-threat-informed-defense/summiting-the-pyramid
Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research includes a scoring model, methodology, and worked examples.
attl4s/attl4s.github.io
jsecurity101/TelemetrySource
TeMiroYteHasheo/The-Hunters-Framework
Project to Support The Hunter's Framework (THF)
ramimac/aws-customer-security-incidents
A repository of breaches of AWS customers
Orange-Cyberdefense/arsenal
Arsenal is just a quick inventory and launcher for hacking programs
Cyb3r-Monk/Threat-Hunting-and-Detection
Repository for threat hunting and detection queries, etc., for Defender for Endpoint and Microsoft Sentinel in KQL (Kusto Query Language).
center-for-threat-informed-defense/adversary_emulation_library
An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
strontic/strontic.github.io
Security. Automation. Analytics.
cfalta/adsec
An introduction to Active Directory security
airbus-cert/Splunk-ETW
A Splunk Technology Add-on to forward filtered ETW events.
3lp4tr0n/BeaconHunter
Detect and respond to Cobalt Strike beacons using ETW.
JSCU-NL/logging-essentials
A Windows event logging and collection baseline focused on finding balance between forensic value and optimising retention.
RealityNet/attack-coverage
An Excel-centric approach to the MITRE ATT&CK® Tactics and Techniques
gracenolan/Notes
robo-red-team/Training-Platform
Robo-Red-Team: Training platform for blue team cybersecurity professionals
MichaelKoczwara/Awesome-CobaltStrike-Defence
Defences against Cobalt Strike