Pinned Repositories
ansible-ask-osquery
Rudimentary Ansible play to collect data from systems with osqueryi
blocklist-ipsets-1
ipsets dynamically updated with firehol's update-ipsets.sh script
elastalert
Easy & Flexible Alerting With ElasticSearch
Eric-Zimmerman-tools
EZ FT
EVTX-SAMPLES
Windows Events Samples
kubequery
Kubequery powered by Osquery
mac-a-mal
malicious-chrome-extension-scanner
malwoverview
Malwoverview.py is a simple tool to perform an initial and quick triage on a directory containing malware samples
xnumon
monitor macOS for malicious activity
sathishdsgithub's Repositories
sathishdsgithub/Eric-Zimmerman-tools
EZ FT
sathishdsgithub/xnumon
monitor macOS for malicious activity
sathishdsgithub/AD-Attack-Defense
Attack and defend Active Directory using modern post-exploitation adversary tradecraft
sathishdsgithub/amazon-guardduty-tester
This script is used to generate some basic detections of the GuardDuty service
sathishdsgithub/AnalysisTips
sathishdsgithub/Apfell
A collaborative, multi-platform, red teaming framework
sathishdsgithub/athena-cli
Presto-like CLI tool for AWS Athena
sathishdsgithub/automactc
AutoMacTC: Automated Mac Forensic Triage Collector
sathishdsgithub/awesome-malware-analysis
A curated list of awesome malware analysis tools and resources.
sathishdsgithub/awesome-osquery
Osquery Resources
sathishdsgithub/aws-metadata-proxy
AWS Metadata Proxy for protection against SSRF
sathishdsgithub/Books
Basic books for getting to know Linux and shells better
sathishdsgithub/Complete-Python-3-Bootcamp
Course Files for Complete Python 3 Bootcamp Course on Udemy
sathishdsgithub/Crescendo
Crescendo is a Swift-based, real-time event viewer for macOS. It uses Apple's Endpoint Security Framework.
sathishdsgithub/crowdstrike-falcon-queries
A collection of Splunk's Search Processing Language (SPL) for Threat Hunting with CrowdStrike Falcon
sathishdsgithub/DetectionLab
Vagrant & Packer scripts to build a lab environment complete with security tooling and logging best practices
sathishdsgithub/EVTX-ATTACK-SAMPLES
Windows Events Samples
sathishdsgithub/Extract-IOC-Strings
sathishdsgithub/Kuiper
Digital Investigation Platform
sathishdsgithub/LinuxForensics
Everything related to Linux Forensics
sathishdsgithub/mac_apt
macOS Artifact Parsing Tool
sathishdsgithub/munin
Online hash checker for Virustotal and other services
sathishdsgithub/osquery-configuration
A repository for using osquery for incident detection and response
sathishdsgithub/plaso
Super timeline all the things
sathishdsgithub/python-refresher
A Python refresher section for all our courses
sathishdsgithub/Python-Scripts
Collection of various Python scripts. 💻
sathishdsgithub/Resources-for-Beginner-Bug-Bounty-Hunters
A list of resources for those interested in getting started in bug bounties
sathishdsgithub/S3Scanner
Scan for open AWS S3 buckets and dump the contents
sathishdsgithub/srum-dump
A forensics tool to convert the data in the Windows SRUM (System Resource Usage Monitor) database to an xlsx spreadsheet.
sathishdsgithub/threatbox
ThreatBox is a standard and controlled Linux-based attack platform. I've used a version of this for years. It started as a collection of scripts, lived as a rolling virtual machine, existed as code to build a Linux ISO, and has now been converted to a set of Ansible playbooks. Why Ansible? Why not? This seemed a natural evolution.