Hayabusa is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs written in Rust. #dfir #forensics #rust github.com/Yamato-Securit…

Digital Evidence Cheat Sheet Credit: SANS DFIR #infosec #cybersecurity #pentesting #oscp #informationsecurity #hacking #cissp #redteam #technology #DataSecurity #CyberSec #Hackers #tools #bugbountytips #Linux #websecurity #Network #NetworkSecurity #cybersecurityawareness

GitHub - bluecapesecurity/PWF: Practical Windows Forensics Training github.com/bluecapesecuri…

Kali Purple: You Do You! Practice Ops: Virtualization, firewalls, VLAN, WAF, SIEM, IDS/IPS, ... Practice Red: Penetration testing of vulnerable machines while seeing what the blue team sees. Can you become stealthier? gitlab.com/kalilinux/docu…

I was curious a while back (last summer) about RATs, and how many may be found on the open net. Not complete in any sense (at all). But, maybe useful for someone out there. Enjoy some RATs! docs.google.com/spreadsheets/d… #ThreatHunting #BlueTeam

passivedns A network sniffer that logs all DNS server replies for use in a passive DNS setup. github.com/gamelinux/pass… #cybersecurity #infosec #pentesting t.me/hackgit/8475

Hey 🕵️‍♂️#OSINT🕵️‍♀️ 👀, DNS History has the largest DNS record history database, with more than 2.2 billion nameserver changes detected, daily updated. #CyberSec #bugbountytips #bugbountytip #DNS #threatintel #threatintell completedns.com/dns-history/

Depix A tool for recovering passwords from pixelized screenshots. github.com/beurtschipper/… #cybersecurity #infosec t.me/hackgit/8823

This repository contains all the Incident Response Playbooks and Workflows of Company's SOC. gitlab.com/syntax-ir/play…

GitHub - krisnova/boopkit: Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin. github.com/krisnova/boopk…

Interesting project for anti-forensics and evasion. Blue-teamers should study this one for learning 🤓 github.com/PaulNorman01/F…

GeoOpen and mmdb-server: A Comprehensive Open-Source Solution for IP Address Geolocation. hdoc.csirt-tooling.org/OgdCNqHYQpukzR… my lighting talk at Pass the SALT Conference #opensource #geoiplookup

GitHub - marcosValle/awesome-windows-red-team: A curated list of awesome Windows frameworks, libraries, software and resources for Red Teams github.com/marcosValle/aw…

An open-source self-hosted purple team management web application. github.com/CyberCX-STA/Pu…

Somebody asked if you can run a dll directly without rundll32 as you would do with an exe. You just need to remove the IMAGE_FILE_DLL flag from IMAGE_FILE_HEADER->Characteristics, which can be done with the option -e of github.com/Kudaes/CustomE…. Don't see much use for it tho ^^

EventLogExpert: A free and open source Windows Event Log viewer (hat tip to Husam Shbib on LinkedIn for the link) #digitalforensics github.com/microsoft/Even…

Bellingcat’s Online Open Source Investigation Toolkit bellingcat.gitbook[.]io/toolkit

active-directory-security The "Monash Enterprise Access Model" (MEAM) is a model for tiering Active Directory that builds heavily on the Microsoft Enterprise Access Model. github.com/mon-csirt/acti…

Open Breach and Attack Simulation Platform : github.com/OpenBAS-Platfo…

Playbooks - Playbooks for SOC Analysts github.com/socfortress/Pl…