Pinned Repositories
accesstokens_are_fun
Repository containing examples to play with access tokens and JWTs
Antignis
Source code and examples for Antignis
concealed_code_execution
Tools and technical write-ups describing attack techniques that rely on concealing code execution on Windows
dissect.target
The Dissect module tying all other Dissect modules together. It provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets).
ir-automation
Incident Response automation scripts
PassiveAggression
Source code and examples for PassiveAggression
process-cloning
The Definitive Guide To Process Cloning on Windows
red-mudnester
RestartManagerArtifacts
A forensic tool for parsing the Restart Manager database
sysmon-indepth
Understanding the operation and limitations of Sysmon's events
Hunt & Hackett's Repositories
huntandhackett/process-cloning
The Definitive Guide To Process Cloning on Windows
huntandhackett/concealed_code_execution
Tools and technical write-ups describing attack techniques that rely on concealing code execution on Windows
huntandhackett/PassiveAggression
Source code and examples for PassiveAggression
huntandhackett/Antignis
Source code and examples for Antignis
huntandhackett/sysmon-indepth
Understanding the operation and limitations of Sysmon's events
huntandhackett/red-mudnester
huntandhackett/ir-automation
Incident Response automation scripts
huntandhackett/accesstokens_are_fun
Repository containing examples to play with access tokens and JWTs
huntandhackett/RestartManagerArtifacts
A forensic tool for parsing the Restart Manager database
huntandhackett/dissect.target
The Dissect module tying all other Dissect modules together. It provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets).