toastr's Stars
pan-unit42/iocs
Indicators from Unit 42 Public Reports
secureworks/BAADTokenBroker
EvotecIT/GPOZaurr
Group Policy Eater is a PowerShell module that aims to gather information about Group Policies but also allows fixing issues that you may find in them.
charlax/professional-programming
A collection of learning resources for curious software engineers
ancailliau/sans-indexes
Indexes for SANS Courses and GIAC Certifications
netwrix/pingcastle
PingCastle - Get Active Directory Security at 80% in 20% of the time
center-for-threat-informed-defense/tram
TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE ATT&CK®.
elceef/dnstwist
Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
jsa2/caOptics
CA Optics - Azure AD Conditional Access Gap Analyzer
Cyb3rWard0g/IntelRAGU
Intel Retrieval Augmented Generation (RAG) Utilities
center-for-threat-informed-defense/cti-blueprints
CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable reports more consistently and efficiently.
LivingInSyn/RMML
A list of RMMs designed to be used in automation to build alerts
Bert-JanP/Hunting-Queries-Detection-Rules
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
EvotecIT/ImagePlayground
ImagePlayground is a PowerShell module that provides a set of functions for image processing. Among other things it can create QRCodes, BarCodes, Charts, and do image processing that can help with daily tasks.
cristianzsh/forensictools
Collection of forensic tools
joeavanzato/LogBoost
Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indicator matches.
lkarlslund/Adalanche
Active Directory ACL Visualizer and Explorer - who's really Domain Admin? (Commercial versions available from NetSection)
hakluke/hakrevdns
Small, fast tool for performing reverse DNS lookups en masse.
mattnotmax/cyberchef-recipes
A list of cyber-chef recipes and curated links
OWASP/wrongsecrets
Vulnerable app with examples showing how to not use secrets
frankwxu/digital-forensics-lab
Free hands-on digital forensics labs for students and faculty
threatexpress/metatwin
The project is designed as a file resource cloner. Metadata, including digital signature, is extracted from one file and injected into another.
MzHmO/NtlmThief
Extracting NetNTLM without touching lsass.exe
JulianHayward/AzADServicePrincipalInsights
Insights and change tracking on Microsoft Entra ID Service Principals (Enterprise Applications, Applications and Managed Identities)
offsecginger/koadic
zerosum0x0's Koadic
rabobank-cdc/DeTTECT
Detect Tactics, Techniques & Combat Threats
GameTec-live/ChameleonUltraGUI
A GUI for the Chameleon Ultra written in Flutter for cross-platform
JetP1ane/Callisto
Callisto - An Intelligent Binary Vulnerability Analysis Tool
jassics/security-study-plan
Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
awslabs/threat-composer
A simple threat modeling tool to help humans to reduce time-to-value when threat modeling