Pinned Repositories
AD-Attack-Defense
Attack and defend active directory using modern post exploitation adversary tradecraft activity
al-khaser
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
alerting-detection-strategy-framework
A framework for developing alerting and detection strategies for incident response.
All-Things-Postman
A selection of examples using Postman REST Client
amplify-passwordless-sms-auth
amplify passwordless sms authentication
detection-rules
Rules for Elastic Security's detection engine
Hunting-Queries-Detection-Rules
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
minemeld-qradar-api
OSINT
Collections of tools and methods created to aid in OSINT collection
poruchikrj's Repositories
poruchikrj/vulyk
Flask/Mongo application to provide intuitive web-interface for tasks distribution
poruchikrj/AD-Attack-Defense
Attack and defend active directory using modern post exploitation adversary tradecraft activity
poruchikrj/minemeld-qradar-api
poruchikrj/Azure-Sentinel-4-SecOps
Azure Sentinel 4 SecOps
poruchikrj/sentinel-attack
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
poruchikrj/OSINT-Framework
OSINT Framework
poruchikrj/amplify-passwordless-sms-auth
amplify passwordless sms authentication
poruchikrj/phantom-apps
Phantom Apps Repo
poruchikrj/insightconnect-plugins
Plugin source code for the InsightConnect SOAR product, developer documentation at komand.github.io/python/start.html
poruchikrj/insightconnect-workflows
Community workflows for the InsightConnect SOAR product
poruchikrj/MalwareLab_VM-Setup
Setup scripts for my Malware Analysis VMs
poruchikrj/custom-workflows
Public workflows repository for Ayehu users to share their content
poruchikrj/playbooks
Phantom Community Playbooks
poruchikrj/custom-activities
Public activities repository for Ayehu users to share their content
poruchikrj/sysmon-modular
A repository of sysmon configuration modules
poruchikrj/PSDecode
PowerShell script for deobfuscating encoded PowerShell scripts
poruchikrj/Business-Email-Compromise-Guide
The Business Email Compromise Guide sets out to describe 10 steps for performing a Business Email Compromise (BEC) investigation in an Office 365 environment. Each step is intended to guide the process of identifying, collecting and analysing activity associated with BEC intrusions.
poruchikrj/netstalking-osint
Коллекция материалов по OSINT для нетсталкинга
poruchikrj/APT-Hunter
APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity
poruchikrj/Content-Doc
poruchikrj/SecurityPrivacyReferenceArchitecture
Open Repository for the Open Security and Privacy Reference Architecture
poruchikrj/Blue-team-app-Office-365-and-Azure
poruchikrj/ThreatHunting-1
A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
poruchikrj/red_team_tool_countermeasures
poruchikrj/detection-rules
Rules for Elastic Security's detection engine
poruchikrj/resilient-community-apps
Open-source and community extensions for Resilient
poruchikrj/awesome-osint
:scream: A curated list of amazingly awesome OSINT
poruchikrj/threatconnect-playbooks
Community driven repository of Playbooks and Apps for ThreatConnect.
poruchikrj/ibm-security-notebooks
Jupyter notebook collection for IBM Security
poruchikrj/MalwLess
Test Blue Team detections without running any attack.