Pinned Repositories
cb-content
cb-content is a collection of content packs for Carbon Black Cloud.
MS-Graph-BlueTeam
MS Graph Commands and Tools for Blue Teamers
oh-my-posh-Themes
oh-my-posh themes
PowerShell-Tools
Experimental PowerShell snippets.
xg5-simon's Repositories
xg5-simon/MS-Graph-BlueTeam
MS Graph Commands and Tools for Blue Teamers
xg5-simon/PowerShell-Tools
Experimental PowerShell snippets.
xg5-simon/oh-my-posh-Themes
oh-my-posh themes
xg5-simon/cb-content
cb-content is a collection of content packs for Carbon Black Cloud.
xg5-simon/cb-runner
cb-runner is an experimental Python program to run automated actions via Carbon Black Live Response. The actions are stored in a simple CSV format and can be applied to a single device or list of devices.
xg5-simon/BadBlood
BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is run on a domain, security analysts and engineers can practice using tools to gain an understanding of and prescribe approaches to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.
xg5-simon/CloudShellAadApps
xg5-simon/Cortex-Analyzers
Cortex Analyzers Repository
xg5-simon/CrowdStrike2TH
A Python program to connect to the CrowdStrike QueryAPI, retrieve the latest detections and create an alert in TheHive Project
xg5-simon/CRT
Contact: CRT@crowdstrike.com
xg5-simon/dockerfiles
Dockerfiles for blue team tools
xg5-simon/hawk
PowerShell-based tool for gathering information related to O365 intrusions and potential breaches
xg5-simon/jupyter-widget-stixview
STIX2 graph widget for Jupyter notebooks, powered by stixview library
xg5-simon/Mandiant-Azure-AD-Investigator
xg5-simon/misp-cti-blueprint
Sample cti-blueprints as MISP reports
xg5-simon/misp-warninglists
Warning lists to inform users of MISP about potential false-positives or other information in indicators
xg5-simon/pbrunner
xg5-simon/powershell
Powershell fun
xg5-simon/prowler
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
xg5-simon/python-uv
This repository contains configurations to set up a Python development environment using VSCode's Dev Container feature. The environment includes uv and Ruff.
xg5-simon/Sentinel-Queries
Collection of KQL queries
xg5-simon/sigma
Generic Signature Format for SIEM Systems
xg5-simon/Threat-Hunting
xg5-simon/ThreatHuntingJupyterNotebooks
xg5-simon/Windows-Terminal-Schemes
A collection of Windows Terminal Themes