Pinned Repositories
APT_Digital_Weapon
Indicators of compromise (IOCs) collected from public resources and categorized by Qi-AnXin.
EVTX-ATTACK-SAMPLES
Windows Events Attack Samples
evtx2es
Import Windows event logs (.evtx) into Elasticsearch.
injection-1
Windows process injection methods
macOS-ATTACK-DATASET
JSON DataSet for macOS mapped to MITRE ATT&CK Tactics.
mail-security-tester
A testing framework for mail security and filtering solutions.
PCAP-ATTACK
PCAP Samples for Different Post Exploitation Techniques
shad0w
A post-exploitation framework designed to operate covertly in heavily monitored environments
Slides
Misc Threat Hunting Resources
YaraHunts
Random hunting-oriented YARA rules
sbousseaden's Repositories
sbousseaden/EVTX-ATTACK-SAMPLES
Windows Events Attack Samples
sbousseaden/Slides
Misc Threat Hunting Resources
sbousseaden/PCAP-ATTACK
PCAP Samples for Different Post Exploitation Techniques
sbousseaden/macOS-ATTACK-DATASET
JSON DataSet for macOS mapped to MITRE ATT&CK Tactics.
sbousseaden/YaraHunts
Random hunting-oriented YARA rules
sbousseaden/shad0w
A post-exploitation framework designed to operate covertly in heavily monitored environments
sbousseaden/APT_Digital_Weapon
Indicators of compromise (IOCs) collected from public resources and categorized by Qi-AnXin.
sbousseaden/Adama
Searches For Threat Hunting and Security Analytics
sbousseaden/PythonForWindows
A codebase aimed to make interaction with Windows and native execution easier
sbousseaden/OffensiveVBA
This repo covers some code execution and AV Evasion methods for Macros in Office documents
sbousseaden/Windows-Kernel-Explorer
A free but powerful Windows kernel research tool.
sbousseaden/eqllib
sbousseaden/ExchangeLogCollector
Exchange Log Collection Script
sbousseaden/HyperDbg
The Source Code of HyperDbg Debugger 🐞
sbousseaden/injectAllTheThings
Seven different DLL injection techniques in one single project.
sbousseaden/ioc-scanner-CVE-2019-19781
Indicator of Compromise Scanner for CVE-2019-19781
sbousseaden/LinEnum
Scripted Local Linux Enumeration & Privilege Escalation Checks
sbousseaden/malware-ioc
Indicators of Compromise (IOCs) from our various investigations
sbousseaden/Revoke-Obfuscation
PowerShell Obfuscation Detection Framework
sbousseaden/sigma
Generic Signature Format for SIEM Systems
sbousseaden/webshell
An open-source webshell collection project
sbousseaden/Windows-classic-samples
This repo contains samples that demonstrate the API used in Windows classic desktop applications.
sbousseaden/CVE-2020-0688_EXP
Exploit for CVE-2020-0688 that automatically triggers the payload and includes the required encryption method
sbousseaden/CVE-2020-0796-PoC
PoC for triggering the buffer overflow in CVE-2020-0796
sbousseaden/detection-rules
Rules for Elastic Security's detection engine
sbousseaden/fastir_artifacts
Live forensic artifacts collector
sbousseaden/mbc-markdown
MBC content in markdown
sbousseaden/protections-artifacts
Elastic Security detection content for Endpoint
sbousseaden/WindowsProtocolTestSuites
Windows Protocol Test Suites provide interoperability testing against an implementation of the Windows open specifications.
sbousseaden/ysoserial.net
Deserialization payload generator for a variety of .NET formatters