mbower

mbower's Stars

• nathanmcnulty/nathanmcnulty

  Language:PowerShell12011

• splunk/attack_range

  A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk

  Language:Jinja2.2k356

• StrikeReady-Inc/research

  shared IOCs and context from StrikeReady blogs

  8

• ThreatLabz/smokebuster

  A tool to detect, analyze, and remediate SmokeLoader infections.

  4

• curated-intel/The-CTI-Research-Guide

  A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners

  591

• deepfence/YaraHunter

  🔍🔍 Malware scanner for cloud-native, as part of CI/CD and at Runtime 🔍🔍

  Language:Go1.3k154

• CrowdStrike/psfalcon

  PowerShell for CrowdStrike's OAuth2 APIs

  Language:PowerShell36870

• nasbench/Misc-Research

  A collection of tools, scripts and personal research

  Language:Python11316

• redcanaryco/surveyor

  A cross-platform baselining, threat hunting, and attack surface analysis tool for security teams.

  Language:Python18361

• stivenhacker/GhostStrike

  Deploy stealthy reverse shells using advanced process hollowing with GhostStrike – a C++ tool for ethical hacking and Red Team operations.

  Language:C++74087

• chainguard-dev/malcontent

  #supply #chain #attack #detection

  Language:YARA45132

• mthcht/awesome-lists

  Awesome Security lists for SOC/CERT/CTI

  Language:GLSL71584

• cudeso/proof-value-cti

  Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.

  524

• tsale/EDR-Telemetry

  This project aims to compare and evaluate the telemetry of various EDR products.

  Language:Python1.7k158

• Gadzhovski/TRACE-Forensic-Toolkit

  TRACE is a digital forensic analysis tool that provides a user-friendly interface for investigating disk images.

  Language:Python13215

• SecurityAura/DE-TH-Aura

  Repository where I hold random detection and threat hunting queries that I come up with based on different sources of information (or even inspiration).

  383

• panther-labs/panther-analysis

  Built-in Panther detection rules and policies

  Language:Python339173

• jsecurity101/JonMon

  Language:C17327

• murat-exp/EDR-Antivirus-Bypass-to-Gain-Shell-Access

  EDR & Antivirus Bypass to Gain Shell Access

  Language:C#21438

• openrelik/openrelik-server

  The core backend server handling API requests and task management

  Language:Python313

• SlimKQL/Hunting-Queries-Detection-Rules

  KQL Queries. Microsoft Defender, Microsoft Sentinel

  Language:HTML26149

• CrowdStrike/logscale-community-content

  This repository contains Community and Field contributed content for LogScale

  Language:Shell16227

• BushidoUK/Russian-APT-Tool-Matrix

  A tool matrix for Russian APTs based on the Ransomware Tool Matrix

  18137

• apophis133/apophis-YARA-Rules

  Repository of yara rules and malware config extractors

  Language:YARA102

• wiz-sec-public/wiz-research-iocs

  333

• reecdeep/segugio

  Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extracting the malware's final stage configuration.

  Language:C#1413

• RootUp/SmuggleShield

  Basic protection against HTML smuggling attempts.

  Language:JavaScript458

• certeu/droid

  A pySigma wrapper to manage detection rules.

  Language:Python293

• magicsword-io/LOLDrivers

  Living Off The Land Drivers

  Language:YARA1k123

• 7etsuo/windows-api-function-cheatsheets

  A reference of Windows API function calls, including functions for file operations, process management, memory management, thread management, dynamic-link library (DLL) management, synchronization, interprocess communication, Unicode string manipulation, error handling, Winsock networking operations, and registry operations.

  935103