kolmai's Stars
danielbohannon/Invoke-CradleCrafter
PowerShell Remote Download Cradle Generator & Obfuscator
travisbgreen/hunting-rules
Suricata rules for network anomaly detection
MalwareTech/EDR-Preloader
An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer
pushsecurity/saas-attacks
Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown
target/Threat-Hunting
Detection of obfuscated PowerShell commands
Helixo32/CrimsonEDR
Simulate the behavior of AV/EDR for malware development training.
FourCoreLabs/firedrill
firedrill is a malware simulation harness for evaluating your security controls
AutohostAI/meeting-notes
Generate meeting notes for Google Meet using ChatGPT
Azure/Azure-Sentinel-Notebooks
Interactive Azure Sentinel Notebooks provide security insights and actions to investigate anomalies and hunt for malicious behaviors.
egaus/MaliciousMacroBot
DavidJBianco/huntlib
A Python library to help with some common threat hunting data analysis operations
google/grr
GRR Rapid Response: remote live forensics for incident response
activecm/devprof
Device profile: Define acceptable amounts of traffic for your devices and see a report of outliers.
mytechnotalent/Reverse-Engineering
A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit/64-bit ARM and embedded RISC-V architectures.
BinaryScary/NET-Obfuscate
Obfuscate ECMA CIL (.NET IL) assemblies to evade Windows Defender AMSI
salesforce/jarm
fashionproof/RunHijackHunter
0x25bit/Updated-Carbanak-Source-with-Plugins
https://twitter.com/itsreallynick/status/1120410950430089224
hatching/python-sandboxapi
Minimal, consistent Python API for building integrations with malware sandboxes.
Tylous/Limelighter
A tool for generating fake code signing certificates or signing real ones
MichaelKoczwara/Awesome-CobaltStrike-Defence
Defences against Cobalt Strike
zodiacon/syllabi
pk-fr/yakpro-po
YAK Pro - Php Obfuscator
hasherezade/hollows_hunter
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
hasherezade/malware_analysis
Various snippets created during malware analysis
pan-unit42/wireshark-tutorial-Dridex-traffic
pcaps for Wireshark tutorial about examining Dridex infection traffic
hx015/TH-Notebooks
grnet/emotet-utils
thomaspatzke/elk-detection-lab
An ELK environment containing interesting security datasets.
Infocyte/PSHunt
PowerShell Threat Hunting Module