nasbench
Detection Engineering | Threat Hunting | Malware Analysis | Windows Internals | DFIR
@NextronSystems @SigmaHQ @magicsword-ioHAL
Pinned Repositories
MAL-CL
MAL-CL (Malicious Command-Line)
sigconverter.io
An opensource sigma conversion tool built using pysigma
C2-Matrix-Indicators
This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix
EVTX-ETW-Resources
Event Tracing For Windows (ETW) Resources
MindMaps
#ThreatHunting #DFIR #Malware #Detection Mind Maps
Misc-Research
A collection of tools, scripts and personal research
SEDR-Internals
Symantec EDR Internals
SIGMA-Resources
Resources To Learn And Understand SIGMA Rules
sigma
Main Sigma Rule Repository
nasbench's Repositories
nasbench/EVTX-ETW-Resources
Event Tracing For Windows (ETW) Resources
nasbench/Misc-Research
A collection of tools, scripts and personal research
nasbench/sigma
Generic Signature Format for SIEM Systems
nasbench/DefenderYara
Extracted Yara rules from Windows Defender mpavbase and mpasbase
nasbench/sysmon-config
Sysmon configuration file template with default high-quality event tracing
nasbench/threathunters
nasbench/wil
Windows Implementation Library
nasbench/atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
nasbench/LOLDrivers
Living Off The Land Drivers
nasbench/nasbench
nasbench/SEPparser
Script for parsing Symantec Endpoint Protection logs, VBNs, and ccSubSDK database.
nasbench/sigmahq.github.io
Official Website Of The Sigma Project
nasbench/SXSEXP
Expand compressed files from WinSxS folder
nasbench/InsightEngineering
Hardcore Debugging
nasbench/license-list-XML
This is the repository for the master files that comprise the SPDX License List
nasbench/pySigma
Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)
nasbench/pySigma-backend-elasticsearch
pySigma Elasticsearch backend
nasbench/pySigma-backend-QRadar-AQL
QRadar AQL backend for converting Sigma rules to QRadar AQL queries
nasbench/schemastore
A collection of JSON schema files including full API
nasbench/sensor-mappings-to-attack
Sensor Mappings to ATT&CK is a collection of resources to assist cyber defenders with understanding which sensors and events can help detect real-world adversary behaviors in their environments.
nasbench/sigconverter.io
An opensource sigma conversion tool built using pysigma
nasbench/sigma-cli
The Sigma command line interface based on pySigma
nasbench/sigma-specification
Sigma rule specification
nasbench/SigmAIQ
nasbench/signature-base
Signature base for my scanner tools
nasbench/terminal
The new Windows Terminal and the original Windows console host, all in the same place!
nasbench/ThreatHunting-Keywords-sigma-rules
Sigma detection rules for hunting with the threathunting-keywords project
nasbench/vscode-sigma
nasbench/windows-itpro-docs
This repository is used for Windows client for IT Pro content on Microsoft Learn.
nasbench/WSL
Issues found on WSL