infosecB
Blue Team cybersecurity professional specializing in threat detection. Python and PowerShell developer.
Pinned Repositories
auditd-ripper
Python CLI for normalizing, aggregating, and decoding auditd logs.
awesome-detection-engineering
Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying malicious or unauthorized activity before it negatively impacts an individual or an organization.
awesome-threat-detection
A curated list of awesome threat detection and hunting resources
bluecoat-webpulsir
Check and submit Blue Coat WebPulse website classifications.
detection-as-code
An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
disable-remote-nic
A PowerShell script for remotely disabling active Windows 10/2016 device network interfaces.
generate_attacknav_layer
A Python CLI utility for quickly converting a list or text file of MITRE ATT&CK technique IDs to a MITRE ATT&CK Navigator layer .JSON file.
LOOBins
Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" macOS binaries and how they can be used by threat actors for malicious purposes.
normalize-atp-safelink
Python script that normalizes a URL that has been rewritten by Microsoft ATP SafeLink protection.
security_content
Splunk Security Content
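The generate_attacknav_layer entry above describes turning a list of technique IDs into a Navigator layer. The following is an added example written for this page, not code from that repository: it parses IDs out of free text (tolerating lower case, separators and stray tokens) and emits a layer that scores each technique by how often it appeared, so a list of sightings becomes a heatmap rather than a flat selection. Layer field names follow the ATT&CK Navigator layer file format; the version strings in `VERSIONS` and the gradient colours are assumptions to adjust for the Navigator instance in use.

```python
"""Build a MITRE ATT&CK Navigator layer from a list of technique IDs.

Added example, not code from the generate_attacknav_layer repository.
Layer field names follow the ATT&CK Navigator layer file format; the
version numbers in VERSIONS are assumptions and should be set to match
the Navigator release the layer will be loaded into.
"""
import json
import re
import sys
from collections import Counter

# T1059 or sub-technique T1059.001; lower-case input is accepted and normalized.
TECHNIQUE_ID = re.compile(r"^T\d{4}(?:\.\d{3})?$")

# Assumed version strings; adjust to the Navigator/ATT&CK release in use.
VERSIONS = {"attack": "14", "navigator": "4.9.1", "layer": "4.5"}


def parse_technique_ids(text: str) -> list[str]:
    """Extract technique IDs from free text (newline-, comma- or space-separated).

    Returns IDs upper-cased, in first-seen order, keeping duplicates so the
    caller can count repeated sightings. Tokens that are not valid IDs are
    skipped rather than raising, so a pasted report with prose still parses.
    """
    ids = []
    for token in re.split(r"[\s,;]+", text):
        token = token.strip().upper()
        if TECHNIQUE_ID.match(token):
            ids.append(token)
    return ids


def build_layer(ids: list[str], name: str = "coverage",
                domain: str = "enterprise-attack") -> dict:
    """Return a Navigator layer dict; a technique seen N times gets score N."""
    counts = Counter(ids)
    max_score = max(counts.values(), default=1)
    techniques = [
        {"techniqueID": tid, "score": n, "comment": f"seen {n}x", "enabled": True}
        for tid, n in sorted(counts.items())
    ]
    return {
        "name": name,
        "versions": VERSIONS,
        "domain": domain,
        "description": f"{len(counts)} techniques from {len(ids)} sightings",
        "techniques": techniques,
        # White for unseen, red for the most frequently seen technique.
        "gradient": {"colors": ["#ffffff", "#ff6666"], "minValue": 0, "maxValue": max_score},
        "legendItems": [],
        "showTacticRowBackground": False,
        "selectTechniquesAcrossTactics": True,
    }


if __name__ == "__main__":
    # Constructed sample input standing in for a text file of technique IDs.
    sample = "T1059.001, t1059.001\nT1047 T1021.002\nnot-an-id T1566"
    layer = build_layer(parse_technique_ids(sample), name="sample")
    json.dump(layer, sys.stdout, indent=2)
```

Duplicates are deliberately kept by `parse_technique_ids` and collapsed in `build_layer`, so the same parser can feed either a coverage layer (score 1 for everything) or a frequency layer; the `maxValue` of the gradient tracks the highest count so the colour scale stays meaningful whatever the input size.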
infosecB's Repositories
infosecB/awesome-detection-engineering
Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying malicious or unauthorized activity before it negatively impacts an individual or an organization.
infosecB/LOOBins
Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" macOS binaries and how they can be used by threat actors for malicious purposes.
infosecB/detection-as-code
An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
infosecB/generate_attacknav_layer
A Python CLI utility for quickly converting a list or text file of MITRE ATT&CK technique IDs to a MITRE ATT&CK Navigator layer .JSON file.
infosecB/awesome-threat-detection
A curated list of awesome threat detection and hunting resources
infosecB/auditd-ripper
Python CLI for normalizing, aggregating, and decoding auditd logs.
infosecB/security_content
Splunk Security Content
infosecB/pywordle
infosecB/advent-of-detect-2024
A detection engineering-specific variant of Advent of Code.
infosecB/atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
infosecB/attack-navigator
Web app that provides basic navigation and annotation of ATT&CK matrices
infosecB/awesome
😎 Awesome lists about all kinds of interesting topics
infosecB/docker-splunk
Splunk Docker GitHub Repository
infosecB/full-stack-fastapi-template
Full stack, modern web application template. Using FastAPI, React, SQLModel, PostgreSQL, Docker, GitHub Actions, automatic HTTPS and more.
infosecB/galah
Galah: an LLM-powered web honeypot using the OpenAI API.
infosecB/generative-ai-for-beginners
12 Lessons, Get Started Building with Generative AI 🔗 https://microsoft.github.io/generative-ai-for-beginners/
infosecB/GTFOBins.github.io
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
infosecB/guarddog
🐍 🔍 GuardDog is a CLI tool to identify malicious PyPI and npm packages
infosecB/infosecb
infosecB/infosecb.github.io
infosecB/ipify-me
Python module/cli to get public IP address using ipify's free API.
infosecB/microsearch
infosecB/mitreattack-python
A python module for working with ATT&CK
infosecB/ocsf-schema
OCSF Schema
infosecB/pydantic-attack
infosecB/pySigma
Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)
infosecB/schemastore
A collection of JSON schema files including full API
infosecB/shields
Concise, consistent, and legible badges in SVG and raster format
infosecB/spark
Apache Spark - A unified analytics engine for large-scale data processing
infosecB/T480
notes and configs for linux on t480
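The auditd-ripper entry in the list above describes normalizing, aggregating and decoding auditd logs. The following is an added example written for this page, not code from that repository. It implements the audit.log conventions of the Linux audit subsystem: every record is `type=<TYPE> msg=audit(<epoch>.<ms>:<serial>): key=value ...`, all records of one event share the serial, and string fields that contain spaces or non-printable bytes are written as upper-case hex instead of a quoted value (PROCTITLE separates argv entries with NUL bytes). The sample log lines are constructed; the `HEX_KEYS` allowlist and the `summarize` output shape are this example's own choices.

```python
"""Parse, decode and aggregate Linux auditd log records by event serial.

Added example, not code from the auditd-ripper repository. Sample lines
below are constructed to exercise quoted, bare and hex-encoded values.
"""
import json
import re
from collections import defaultdict

RECORD = re.compile(
    r"^type=(?P<type>\S+) msg=audit\((?P<ts>\d+\.\d+):(?P<serial>\d+)\):\s*(?P<body>.*)$"
)
# key="quoted value" or key=bare_value; EXECVE may split long args as a2[0], a2[1].
KV = re.compile(r'(?P<key>[A-Za-z0-9_\[\]]+)=(?:"(?P<quoted>[^"]*)"|(?P<bare>\S*))')
HEX = re.compile(r"^(?:[0-9A-F]{2})+$")
# Assumed allowlist of string-valued fields auditd hex-encodes when needed.
HEX_KEYS = {"proctitle", "cwd", "name", "comm", "exe", "key", "acct", "cmd", "data", "dir", "path"}


def hex_encodable(rec_type: str, key: str) -> bool:
    """Only string fields are ever hex-encoded. Numeric fields (pid, syscall=59,
    exit) must never be decoded, and a0..a3 in SYSCALL records are raw register
    values; only EXECVE's a<N> fields are argv strings."""
    if rec_type == "EXECVE" and re.fullmatch(r"a\d+(?:\[\d+\])?", key):
        return True
    return key in HEX_KEYS


def decode_field(rec_type, key, quoted, bare):
    """Quoted values are already plain text; eligible bare hex values are decoded,
    with NUL separators (argv boundaries in proctitle) rendered as spaces."""
    if quoted is not None:
        return quoted
    if hex_encodable(rec_type, key) and HEX.match(bare):
        raw = bytes.fromhex(bare)
        return raw.replace(b"\x00", b" ").decode("utf-8", errors="replace")
    return bare


def parse_record(line: str):
    """Return one normalized record dict, or None for a line that is not an audit record."""
    m = RECORD.match(line.strip())
    if not m:
        return None
    rec_type = m["type"]
    fields = {kv["key"]: decode_field(rec_type, kv["key"], kv["quoted"], kv["bare"])
              for kv in KV.finditer(m["body"])}
    return {"type": rec_type, "ts": float(m["ts"]), "serial": int(m["serial"]), "fields": fields}


def aggregate(lines):
    """Group records sharing an audit serial into one event, keyed by record type.
    Types such as PATH can repeat within an event, so each type maps to a list."""
    events = {}
    for line in lines:
        rec = parse_record(line)
        if rec is None:
            continue
        ev = events.setdefault(rec["serial"],
                               {"serial": rec["serial"], "ts": rec["ts"], "records": defaultdict(list)})
        ev["records"][rec["type"]].append(rec["fields"])
    return [events[s] for s in sorted(events)]


def summarize(event):
    """Flatten an aggregated event into the fields an analyst usually pivots on."""
    sc = event["records"].get("SYSCALL", [{}])[0]
    ex = event["records"].get("EXECVE", [{}])[0]
    pt = event["records"].get("PROCTITLE", [{}])[0]
    argv = [ex[f"a{i}"] for i in range(int(ex.get("argc", 0))) if f"a{i}" in ex]
    return {
        "serial": event["serial"],
        "key": sc.get("key"),
        "comm": sc.get("comm"),
        "exe": sc.get("exe"),
        "argv": argv,
        "proctitle": pt.get("proctitle"),
        "paths": [p["name"] for p in event["records"].get("PATH", []) if "name" in p],
    }


# Constructed sample: an execve of `bash -c "curl http://example.com"` (argument
# and proctitle hex-encoded because they contain spaces) and a read of /etc/shadow.
SAMPLE = """\
type=SYSCALL msg=audit(1700000000.123:456): arch=c000003e syscall=59 success=yes exit=0 a0=55d0c0a2b2c0 ppid=1001 pid=1002 auid=1000 uid=1000 comm="bash" exe="/usr/bin/bash" key="exec"
type=EXECVE msg=audit(1700000000.123:456): argc=3 a0="/bin/bash" a1="-c" a2=6375726C20687474703A2F2F6578616D706C652E636F6D
type=CWD msg=audit(1700000000.123:456): cwd="/home/analyst"
type=PROCTITLE msg=audit(1700000000.123:456): proctitle=2F62696E2F62617368002D63006375726C20687474703A2F2F6578616D706C652E636F6D
type=SYSCALL msg=audit(1700000000.900:457): arch=c000003e syscall=257 success=yes exit=3 comm="cat" exe="/usr/bin/cat" key="etc-read"
type=PATH msg=audit(1700000000.900:457): item=0 name="/etc/shadow" inode=1234 mode=0100640
"""

if __name__ == "__main__":
    for ev in aggregate(SAMPLE.splitlines()):
        print(json.dumps(summarize(ev)))
```

The allowlist matters: a naive "decode anything that looks like hex" pass turns `syscall=59` into `Y` and mangles every PID, so decoding is gated on the field name and, for `a<N>`, on the record type. Lines from `ausearch -i` or logs prefixed with `node=` need a small adjustment to `RECORD` before this parser accepts them.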