Pinned Repositories
BlueSploit
BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review.
EDR-Telemetry
This project aims to compare and evaluate the telemetry of various EDR products.
EDR-Telemetry-Website
Intrusion_data
This repository is created to store the artifacts for any intrusions I share publicly.
Rita-zeek_analysis
Script to install RITA and Zeek and then analyze related logs
Sigma_rules
Sigma rules to share with the community
TA_tooling
TeleTracker
TeleTracker is a simple set of Python scripts designed for anyone investigating Telegram channels. It helps you send messages quickly and gather useful channel information easily.
Threat-Intelligence-Playbooks
High-level Threat Intelligence playbooks
translated_conti_leaked_comms
Leaked communication of Conti ransomware group from Jan 29, 2021 to Feb 27, 2022
tsale's Repositories
tsale/EDR-Telemetry
This project aims to compare and evaluate the telemetry of various EDR products.
tsale/TeleTracker
TeleTracker is a simple set of Python scripts designed for anyone investigating Telegram channels. It helps you send messages quickly and gather useful channel information easily.
tsale/translated_conti_leaked_comms
Leaked communication of Conti ransomware group from Jan 29, 2021 to Feb 27, 2022
tsale/Sigma_rules
Sigma rules to share with the community
tsale/EDR-Telemetry-Website
tsale/BlueSploit
BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review.
tsale/Intrusion_data
This repository is created to store the artifacts for any intrusions I share publicly.
tsale/Threat-Intelligence-Playbooks
High-level Threat Intelligence playbooks
tsale/TA_tooling
tsale/Rita-zeek_analysis
Script to install RITA and Zeek and then analyze related logs
tsale/ThreatStream-API-Intelligence-calls
This script allows you to query any intelligence from your ThreatStream TIP using their RESTful API.
tsale/Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
tsale/Kostas_Yara-Rules
IR yara rules
tsale/awesome-incident-response
A curated list of tools for incident response
tsale/AWS_instances_automation
tsale/MITRE_ATT-CK-navigator-JSON-to-HTML
tsale/atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
tsale/LOLBAS
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
tsale/Python-Packet-Sniffer
Packet Sniffer Created In Python 3
tsale/sigma
Generic Signature Format for SIEM Systems
tsale/templates
Document templates for open-source projects (README, CONTRIBUTING, GitHub templates)
tsale/PyIntelOwl-Parser
This is a "plugin" colourful parser for PyIntelOwl. It takes the JSON results and parses them in a colourful, easy-to-read way.
tsale/InfoSec-Black-Friday
All the deals for InfoSec related software/tools this Black Friday
tsale/pyintelowl
Simple Client for Intel Owl
tsale/SSH-task-automation