philhagen

Lewes Technology Consulting, LLCLewes, DE

Pinned Repositories

Cybersecurity-Pathfinders
3 3 00
dnsimple-python
Python client for DNSimple domain registration and DNS hosting
Language:Python21
for572-scripts
A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis
Language:Shell22 10 19
ip2geo
Script to perform bulk local GeoIP lookups (ASN and geo) for IP addresses
Language:Python98 15 226
ltc-fuzzy-keyword-suggestions
Language:PHP3 3 03
passivedns
A network sniffer that logs all DNS server replies for use in a passive DNS setup
Language:C2 4 00
sof-elk
Configuration files for the SOF-ELK VM
Language:Shell1.5k 111 283271
timeshift
A python script to shift the timestamp on syslog data. Useful for forensicators combating time skew.
Language:Python19 7 35
vmware-snapcompare
VMware Snapshot Forensic Comparison Scripts
Language:Shell25 5 03

philhagen's Repositories

philhagen/sof-elk
Configuration files for the SOF-ELK VM
Language:Shell1.5k 111 283271
philhagen/ip2geo
Script to perform bulk local GeoIP lookups (ASN and geo) for IP addresses
Language:Python98 15 226
philhagen/for572-scripts
A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis
Language:Shell22 10 19
philhagen/timeshift
A python script to shift the timestamp on syslog data. Useful for forensicators combating time skew.
Language:Python19 7 35
philhagen/Cybersecurity-Pathfinders
3 3 00
philhagen/ltc-fuzzy-keyword-suggestions
Language:PHP3 3 03
philhagen/sansfor509
Public script from SANS FOR509 Enterprise Cloud Incident Response
Language:Python2 2 0
philhagen/web-traffic-generator
A quick and dirty HTTP/S "organic" traffic generator.
Language:Python2 2 01
philhagen/daylight_tracker
Language:Python1 3 01
philhagen/fail2ban
Daemon to ban hosts that cause multiple authentication errors
Language:Python1 2 0
philhagen/freq
This is a repository for freq.py and freq_server.py
Language:Python1
philhagen/geoip-bootstraps
Language:Shell1 4 21
philhagen/hassh
HASSH is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints can be easily stored, searched and shared in the form of a small MD5 fingerprint.
Language:Python1 2 01
philhagen/ja3-aggregator
Aggregate and normalize JA3 hash databases from multiple sources
1
philhagen/yersinia-web
Yersinia Web
Language:HTML1 4 0
philhagen/arkime
Arkime (formerly Moloch) is an open source, large scale, full packet capturing, indexing, and database system.
Language:JavaScript2 0
philhagen/arkimeweb
The website for arkime.com
Language:HTML1 0
philhagen/atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
Language:C
philhagen/bitfit
Recursively validate a starting directory of file contents to identify changes, corrupt data
Language:Python
philhagen/ja3
JA3 is a standard for creating SSL client fingerprints in an easy to produce and shareable way.
Language:Python
philhagen/kibana-sofelkhtml-plugin
Kibana HTML Widget Plugin
Language:JavaScript3 0
philhagen/log-login
a authentication log plugin for YOURLS
Language:PHP3 0
philhagen/md5deep
A Python implementation of some md5deep features
Language:Python3 0
philhagen/pptxindex
Create a MS Word index file from PowerPoint notes and slides
Language:Python3 0
philhagen/pycommunityid
A Python implementation of the Community ID flow hashing standard
Language:Python
philhagen/python-github-webhooks
Simple Python WSGI application to handle Github webhooks
Language:Python2 0
philhagen/sec487.github.io
website
Language:JavaScript2 0
philhagen/sift-bootstrap
SANS Investigative Forensics Toolkit Bootstrap Script
Language:Shell3 01
philhagen/sift-saltstack
Salt States for Configuring the SIFT Workstation
Language:Python3 0
philhagen/tcpdstat
Get protocol statistics from tcpdump pcap files (fork)
Language:C1 0