nasbench
Detection Engineering | Threat Hunting | Malware Analysis | Windows Internals | DFIR
@NextronSystems @SigmaHQ @magicsword-ioHAL
Pinned Repositories
MAL-CL
MAL-CL (Malicious Command-Line)
sigconverter.io
An open-source Sigma conversion tool built using pySigma
C2-Matrix-Indicators
This repository aims to collect and document indicators from the different C2s listed in the C2-Matrix
EVTX-ETW-Resources
Event Tracing For Windows (ETW) Resources
MindMaps
#ThreatHunting #DFIR #Malware #Detection Mind Maps
Misc-Research
A collection of tools, scripts and personal research
SEDR-Internals
Symantec EDR Internals
SIGMA-Resources
Resources To Learn And Understand SIGMA Rules
sigma
Main Sigma Rule Repository
nasbench's Repositories
nasbench/SIGMA-Resources
Resources To Learn And Understand SIGMA Rules
nasbench/Awesome-Detection-Engineering
Resources and Discussions About Detection Engineering
nasbench/Slides
A collection of my slides and presentations
nasbench/awesome-event-ids
Collection of Event ID resources useful for Digital Forensics and Incident Response
nasbench/DFIRPowerShellScripts
Various PowerShell scripts I've made to automate some of the boring stuff in my everyday DFIR journey!
nasbench/LawEnforcementResources
Resources provided by the community that can be useful for Law Enforcement worldwide
nasbench/EDR-Telemetry
This project aims to compare and evaluate the telemetry of various EDR products.
nasbench/VanillaWindowsReference
A repo that contains recursive dir listings of a vanilla (clean) install of every Windows OS version to compare and see what's been added with each update.
nasbench/artifacts
Digital Forensics Artifact Repository
nasbench/aurora-agent-manual
Aurora Agent User Manual
nasbench/bootloaders
nasbench/component-object-model-sample
Sample code for Component Object Model (COM) setup and registration.
nasbench/conference_talks
Slides from various conference talks
nasbench/cookiecutter-pySigma-backend
pySigma Cookiecutter backend template
nasbench/evtx-baseline
A repository hosting example goodware evtx logs containing sample software installation and basic user interaction
nasbench/HijackLibs
Project for tracking publicly disclosed DLL Hijacking opportunities.
nasbench/LocalPotato
POC CVE-2023-21746
nasbench/LOLBAS
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
nasbench/munin
Online hash checker for Virustotal and other services
nasbench/NimPlant
A lightweight first-stage C2 implant written in Nim.
nasbench/nt5src
Source code of Windows XP (NT5). Leaks are not from me. I just extracted the archive and cabinet files.
nasbench/OSSEM-DD
OSSEM Data Dictionaries
nasbench/panopticon
A YARA Rule Performance Measurement Tool
nasbench/persistence-info.github.io
nasbench/PersistenceSniper
PowerShell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt for persistence implanted in Windows machines. Made with ❤️ by @last0x00
nasbench/ProcMonXv2
Process Monitor X v2
nasbench/pySigma-backend-insightidr
nasbench/pySigma-backend-splunk
pySigma Splunk backend
nasbench/Sigma-Rules
Rules generated from our investigations.
nasbench/VISION-ProcMon
A Process Monitor visualization application written in Rust.