marcurdy's Stars
clong/DetectionLab
Automate the creation of a lab environment complete with security tooling and logging best practices
RhinoSecurityLabs/pacu
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
davidprowe/BadBlood
BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory domain with a structure and thousands of objects. The output of the tool is a domain similar to one found in the real world. After BadBlood is run on a domain, security analysts and engineers can practice using tools to gain an understanding of, and prescribe measures for, securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.
api0cradle/LOLBAS
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
vitalif/grive2
Google Drive client with support for new Drive REST API and partial sync
philhagen/sof-elk
Configuration files for the SOF-ELK VM
ahmedkhlief/APT-Hunter
APT-Hunter is a threat hunting tool for Windows event logs, built with a purple team mindset, that detects APT movements hidden in the sea of Windows event logs in order to decrease the time needed to uncover suspicious activity
endgameinc/RTA
mattifestation/CimSweep
CimSweep is a suite of CIM/WMI-based tools that make it possible to perform incident response and hunting operations remotely across all versions of Windows.
spender-sandbox/cuckoo-modified
Modified edition of cuckoo
inodee/threathunting-spl
Splunk code (SPL) for serious threat hunters and detection engineers.
mkorman90/VolatilityBot
VolatilityBot – An automated memory analyzer for malware samples and memory dumps
keithjjones/hostintel
A modular Python application to collect intelligence for malicious hosts.
pcbje/gransk
Document processing for investigations
toniblyx/aws-forensic-tools
Tools for AWS forensics
Kintyre/ksconf
Kintyre's Splunk Configuration tool