nasbench
Detection Engineering | Threat Hunting | Malware Analysis | Windows Internals | DFIR
@NextronSystems @SigmaHQ @magicsword-ioHAL
Pinned Repositories
MAL-CL
MAL-CL (Malicious Command-Line)
sigconverter.io
An open-source Sigma conversion tool built using pySigma
C2-Matrix-Indicators
This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix
EVTX-ETW-Resources
Event Tracing For Windows (ETW) Resources
MindMaps
#ThreatHunting #DFIR #Malware #Detection Mind Maps
Misc-Research
A collection of tools, scripts and personal research
SEDR-Internals
Symantec EDR Internals
SIGMA-Resources
Resources To Learn And Understand SIGMA Rules
sigma
Main Sigma Rule Repository
nasbench's Repositories
nasbench/component-object-model-sample
Sample code for Component Object Model (COM) setup and registration.
nasbench/Creds
Some useful scripts and executables for pentesting & forensics
nasbench/C2-Matrix-Indicators
This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix
nasbench/MAL-CL
MAL-CL (Malicious Command-Line)
nasbench/MindMaps
#ThreatHunting #DFIR #Malware #Detection Mind Maps
nasbench/Http-Asynchronous-Reverse-Shell
[POC] Asynchronous reverse shell using the HTTP protocol.
nasbench/BabyShark
Basic C2 Server
nasbench/SEDR-Internals
Symantec EDR Internals
nasbench/Yara-Rules
nasbench/sedr-localdatastore-parser
Parser for Symantec EDR "localdatastore" folder
nasbench/nasbench.github.io
nasbench/trevorc2
TrevorC2 is a legitimate website (browsable) that tunnels client/server communications for covert command execution.
nasbench/ManageEngine-Application-Manager-XSS-POC
ZOHO Manage Engine Application Manager - XSS POC
nasbench/CVE-2019-19547
CVE-2019-19547 POC
nasbench/CVE-2020-12593
CVE-2020-12593 POC
nasbench/CVE-2020-5839
CVE-2020-5839 POC
nasbench/w32
A wrapper of windows apis for the Go Programming Language.
nasbench/BigBountyRecon
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
nasbench/python-sdb
Pure Python parser for Application Compatibility Shim Databases (.sdb files)
nasbench/winprocs.dfir.tips
nasbench/procmon-malware-analysis-filters
Repository containing malware analysis filters for the Windows SysInternals' - Process Monitor tool
nasbench/GhostLoader
GhostLoader - AppDomainManager - Injection - 攻壳机动队
nasbench/pywintrace
ETW Python Library
nasbench/CTFs
CTF writeups
nasbench/Encoder-Decoder
A Python script that contains multiple functionalities (hashing, encoding/decoding, etc.)
nasbench/Multi-Threaded-BruteForcer
A script that automates a brute-force attack on a login page
nasbench/PoCSubjectInterfacePackage
A proof-of-concept subject interface package (SIP) used to demonstrate digital signature subversion attacks.