Microsoft Sentinel2Go is an open source project developed to expedite the deployment of a Microsoft Sentinel research lab.

Conveigh is a Windows PowerShell LLMNR/NBNS spoofer detection tool

Impacket is a collection of Python classes for working with network protocols.

Pwnspoof repository

Structured Threat Intelligence Graph

DDoS Amplification Tool

Threat Intel IoCs + bits and pieces of dark matter

This project aims to bridge the gap between Microsoft Attack Surface Reduction (ASR) rules and MITRE ATT&CK by mapping ASR rules to their corresponding ATT&CK techniques. The primary goal is to enh…

Identifies the bytes that Microsoft Defender flags on.

Collection of Offensive C# Tooling

PowerShell rebuilt in C# for Red Teaming purposes

Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)

Fast and lightweight x86/x86-64 disassembler and code generation library

Collection of example YARA-L rules for use within Google Security Operations

A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsider Seminars & Solutions, Inc. @ http://www.windows-internals…

An optimized Python3 library to fetch the most recent exploit-database, create searchable indexes for CVE->EDBID and EDBID -> CVE, and provide methods to perform searches.

ThreatTracer - A python Script to identify CVE by name & version by @FR13ND0x7F

Capsule8: open-source cloud-native behavioral security monitoring

Transform Linux Audit logs for SIEM usage

The Python interface for YARA

Indicators of Compromises (IOC) of our various investigations

OASIS TC Open Repository: Non-normative schemas and examples for STIX 2

🧬 Mitre Interactive Network Graph (APTs, Malware, Tools, Techniques & Tactics)