xj220

xj220's Stars

• fastly/ftw

  Framework for Testing WAFs (FTW!)

  Language:Python26458

• nsmfoo/antivmdetection

  Script to create templates to use with VirtualBox to make vm detection harder

  Language:Python720123

• taviso/loadlibrary

  Porting Windows Dynamic Link Libraries to Linux

  Language:C4.3k380

• hugsy/binja-retdec

  Binary Ninja plugin to decompile binaries using RetDec API

  Language:Python16229

• trailofbits/manticore

  Symbolic execution tool

  Language:Python3.7k473

• dev-sec/ansible-collection-hardening

  This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL

  Language:Jinja4.2k741

• EmpireProject/Empire

  Empire is a PowerShell and Python post-exploitation agent.

  Language:PowerShell7.5k2.8k

• certsocietegenerale/IRM-deprecated

  Incident Response Methodologies

  1k216

• snare/voltron

  A hacky debugger UI for hackers

  Language:Python6.2k415

• csirtgadgets/massive-octo-spice

  DEPRECATED - USE v3 (bearded-avenger)

  Language:Perl22860

• hslatman/awesome-threat-intelligence

  A curated list of Awesome Threat Intelligence resources

  8.3k1.5k

• WithSecureLabs/doublepulsar-detection-script

  A python2 script for sweeping a network to find windows systems compromised with the DOUBLEPULSAR implant.

  Language:Python1k316

• Keysight/Rhme-2016

  Rhme2 challenge (2016)

  Language:C31350

• armbues/ioc_parser

  Tool to extract indicators of compromise from security reports in PDF format

  Language:Python432170

• jaesivsm/JARR

  JARR is a web news aggregator.

  Language:Python12315

• meirwah/awesome-incident-response

  A curated list of tools for incident response

  7.8k1.5k

• Z-0ne/ScanS2-045-Nmap

  Struts2 S2-045-Nmap NSE script

  Language:Lua5013

• yukinying/chrome-headless-browser-docker

  Continuously building Chrome Docker image for Linux.

  Language:Dockerfile37353

• ion-storm/sysmon-config

  Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events.

  Language:PowerShell783143

• unixfreaxjp/Strudels_Attack

  IOC for "Strudel"IoT "SSH TCP Forward" attacks | https://unixfreaxjp.github.io/Strudels_Attack/

  Language:Lua86

• OffensivePython/Nscan

  Nscan: Fast internet-wide scanner

  Language:Python529149

• jbremer/vb6tracer

  Runtime tracer for the vb6 virtual machine

  Language:C5511

• RPISEC/Malware

  Course materials for Malware Analysis by RPISEC

  3.8k791

• PaulSec/awesome-sec-talks

  A collected list of awesome security talks

  4.1k490

• InfectedPacket/VxVault

  Malware management program and tools

  Language:Python247

• google/grr

  GRR Rapid Response: remote live forensics for incident response

  Language:Python4.8k767

• demisto/content

  Demisto is now Cortex XSOAR. Automate and orchestrate your Security Operations with Cortex XSOAR's ever-growing Content Repository. Pull Requests are always welcome and highly appreciated!

  Language:Python1.2k1.7k

• b3dk7/StegExpose

  A steganalysis tool for detecting LSB steganography in images

  Language:Java20658

• 0day1day/mwcrawler

  Python Malware Crawler for Zoos and Repositories

  10858

• Aki92/Thug-Distributed

  It is the Distributed Version of Thug, by which all systems across the world running thug will get connect. Then URLs will be distributed among them to process and get back the results to the main server.

  Language:Python2410