haidon603

threat hunting and SIEM engineering

Pinned Repositories

haids_splunk_security
Various ways to gather intelligence from an organization's Splunk data
4 2 00
kql_azure_data_explore
KQL Queries to aid in security investigations within Azure Data Explore Databases.
00
logscale_hunt_queries
Logscale queries to aid in Threat Hunting with Crowdstrike
00
PowerShellSecurityOps
For automating common day to day tasks
Language:PowerShell2 2 00
PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
Language:PowerShell00
PS_auditing
looks for expired accounts, inactive accounts, password not set, etc.
0 1 00
snort
what pigs do
00
Sooty
The SOC Analysts all-in-one CLI tool to automate and speed up workflow.
Language:Python1 0 00
Sparrow
Sparrow.ps1 was created by CISA's Cloud Forensics team to help detect possible compromised accounts and applications in the Azure/m365 environment.
Language:PowerShell0 0 00

haidon603/haids_splunk_security
Various ways to gather intelligence from an organization's Splunk data
4 2 00
haidon603/PowerShellSecurityOps
For automating common day to day tasks
Language:PowerShell2 2 00
haidon603/Sooty
The SOC Analysts all-in-one CLI tool to automate and speed up workflow.
Language:Python1 0 00
haidon603/kql_azure_data_explore
KQL Queries to aid in security investigations within Azure Data Explore Databases.
00
haidon603/logscale_hunt_queries
Logscale queries to aid in Threat Hunting with Crowdstrike
00
haidon603/PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
Language:PowerShell00
haidon603/PS_auditing
looks for expired accounts, inactive accounts, password not set, etc.
0 1 00
haidon603/snort
what pigs do
00
haidon603/Sparrow
Sparrow.ps1 was created by CISA's Cloud Forensics team to help detect possible compromised accounts and applications in the Azure/m365 environment.
Language:PowerShell0 0 00