lore-masc

lore-masc's Stars

• redcanaryco/atomic-red-team

  Small and highly portable detection tests based on MITRE's ATT&CK.

  Language:C10k3522802.8k

• fastfire/deepdarkCTI

  Collection of Cyber Threat Intelligence sources from the deep and dark web

  4.7k21950810

• CyberMonitor/APT_CyberCriminal_Campagin_Collections

  APT & CyberCriminal Campaign Collection

  Language:YARA3.8k46290945

• blackorbird/APT_REPORT

  Interesting APT Report Collection And Some Special IOC

  Language:Python2.5k2134518

• Yamato-Security/hayabusa

  Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

  Language:Rust2.4k41676208

• worawit/MS17-010

  MS17-010

  Language:Python2.2k84431.1k

• S3cur3Th1sSh1t/Amsi-Bypass-Powershell

  This repo contains some Amsi Bypass methods i found on different Blog Posts.

  1.8k353296

• CYB3RMX/Qu1cksc0pe

  All-in-One malware analysis tool.

  Language:YARA1.4k3031189

• wbenny/injdrv

  proof-of-concept Windows Driver for injecting DLL into user-mode processes using APC

  Language:C1.2k4824283

• demisto/content

  Demisto is now Cortex XSOAR. Automate and orchestrate your Security Operations with Cortex XSOAR's ever-growing Content Repository. Pull Requests are always welcome and highly appreciated!

  Language:Python1.2k6901.7k

• wwh1004/ExtremeDumper

  .NET Assembly Dumper

  Language:C#8543510193

• tclahr/uac

  UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.

  Language:Shell8342758127

• Yamato-Security/WELA

  WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅（ウェラ）

  Language:PowerShell772186183

• hfiref0x/DSEFix

  Windows x64 Driver Signature Enforcement Overrider

  Language:C7294413250

• bluecapesecurity/PWF

  Practical Windows Forensics Training

  Language:PowerShell637191112

• felixweyne/imaginaryC2

  Imaginary C2 is a python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts a HTTP server which captures HTTP requests towards selectively chosen domains/IPs. Additionally, the tool aims to make it easy to replay captured Command-and-Control responses/served payloads.

  Language:Python44520168

• MBCProject/mbc-markdown

  MBC content in markdown

  390242546

• api0cradle/CVE-2023-23397-POC-Powershell

  Language:PowerShell3416164

• CrowdStrike/SuperMem

  A python script developed to process Windows memory images based on triage type.

  Language:Python26016341

• gtworek/VolatileDataCollector

  Language:C1967131

• nazywam/AutoIt-Ripper

  Extract AutoIt scripts embedded in PE binaries

  Language:Python176101535

• JMousqueton/PoC-CVE-2022-30190

  POC CVE-2022-30190 : CVE 0-day MS Offic RCE aka msdt follina

  Language:Python1574055

• bk-cs/rtr

  Real-time Response scripts and schema

  Language:PowerShell10617424

• irql/CVE-2021-31728

  vulnerability in zam64.sys, zam32.sys allowing ring 0 code execution. CVE-2021-31727 and CVE-2021-31728 public reference.

  Language:C915024

• pr0tean/TelemetrySourcerer-patched

  Tiny driver patch to allow kernel callbacks to work on Win10 21h1

  Language:C++33208

• zeze-zeze/CYBERSEC2023-BYOVD-Demo

  Language:C29216

• nbicocchi/learn-bash

  Basic course introducing installation, maintenance, and automation of modern Unix systems. Recommended to learners without previous experience.

  Language:Shell253016

• Ja7ad/PHP-Malware-Scanner

  PHP Malware Scanner

  420

• ruggi99/PurpleExercise

  Language:PowerShell4100

• Microv/AstarothConfigExtractor

  Language:Python20