joeavanzato
Security Spaghetti, al dente. DFIR, Detection Engineering, Threat Hunting, etc. Join my Discord for Tool Discussion: https://discord.gg/kEQy82N3uT
Pinned Repositories
awesome-threat-intelligence
A curated list of Awesome Threat Intelligence resources
crackdown
Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems.
differ
An easy-to-use, cross-platform utility for capturing and diffing file system metadata snapshots.
LogBoost
Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indicator matches.
MACfuscator
Anti-Forensics Timeline Obfuscation Utility
RetrievIR
PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices.
ThreatSim
Threat Simulator for Enterprise Networks
Trawler
PowerShell script helping Incident Responders discover potential adversary persistence mechanisms.
velociraptor-timeline-creator
VTC - Velociraptor Timeline Creator
WMIHunter
Asynchronous Remote Evidence Retrieval for rapid network-wide threat hunting
joeavanzato's Repositories
joeavanzato/Trawler
PowerShell script helping Incident Responders discover potential adversary persistence mechanisms.
joeavanzato/LogBoost
Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indicator matches.
joeavanzato/RetrievIR
PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices.
joeavanzato/crackdown
Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems.
joeavanzato/velociraptor-timeline-creator
VTC - Velociraptor Timeline Creator
joeavanzato/ThreatSim
Threat Simulator for Enterprise Networks
joeavanzato/WMIHunter
Asynchronous Remote Evidence Retrieval for rapid network-wide threat hunting
joeavanzato/awesome-threat-intelligence
A curated list of Awesome Threat Intelligence resources
joeavanzato/demo-react-flask-mui-auth
Example React app utilizing MaterialUI with Flask JWT-authed API backend.
joeavanzato/MalCommands
Documenting Suspicious Command Lines
joeavanzato/RAID
Rapid Acquisition of Interesting Data
joeavanzato/YARACheck
Update and use YARA rules from across the Internet against targeted files or directories.
joeavanzato/PyShares
SharpShares..but in Python!
joeavanzato/differ
An easy-to-use, cross-platform utility for capturing and diffing file system metadata snapshots.
joeavanzato/LogonGrabber
Remote retrieval, filtering and analysis of Security.evtx logs for user activity analysis.
joeavanzato/SimpleScanner
Basic XSS, SQLi and LFI Vulnerability Scanner
joeavanzato/WinGraph
Graph Visualizer for Windows Event Logs
joeavanzato/AuthMap
Authentication Mapper - helping blue-teams analyze authentication activity in Active Directory networks.
joeavanzato/IOCFeed
joeavanzato/joeavanzato.github.io
joeavanzato/PortCheck
Use TCP or UDP to check connection availability for remote hosts
joeavanzato/EyeOfTheBeholder
joeavanzato/Outlooked-IOC
Tool for scanning an Outlook Inbox in order to discover Indicators of Compromise - intelligence dissemination/bulletins, *-ISAC threads, etc.
joeavanzato/PacketSimulator
joeavanzato/PMATCH
Recursive file-hasher and string-matcher
joeavanzato/PythonWebServer
joeavanzato/QuickScan
Hunting for Abnormalities
joeavanzato/ipenrich
joeavanzato/velociraptor-docs
Documentation site for Velociraptor
joeavanzato/WARD
Windows Artifact Retrieval and Discovery