Stars
Forensic Browser History Analyzer - Cross-platform browser history extractor (Chrome, Firefox, IE/Edge, Brave, Opera, Vivaldi)
All the deals for InfoSec related software/tools this Black Friday
Check is an advanced open source browser extension by CyberDrain that provides real-time protection against Microsoft 365 phishing attacks. Designed for enterprises and managed service providers, C…
PowerHuntShares is an audit script designed to inventory, analyze, and report excessive privileges configured on Active Directory domains.
The goal of this repo is to archive artifacts from all versions of various OSes and categorize them by type. This will help with artifact validation processes as well as increase access to artifa…
A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare and see what's been added with each update. Use these CSVs t…
A repo to centralize some of the regular expressions I've found useful over the course of my DFIR career.
A high-speed forensic timeline engine for Windows forensic artifact CSV output built for DFIR investigators. Quickly consolidate CSV output from processed triage evidence for Eric Zimmerman (EZ Too…
The Intune-Toolkit offers a basic & user-friendly interface to connect to Microsoft Graph, manage policy assignments, and handle backup and restore operations
KQL Queries. Microsoft Defender, Microsoft Sentinel
My OPML export from FreshRSS with my paid subscription feeds removed
Using Full Flash Update files to speed up Windows Deployment
AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
Threat Hunting Toolkit is a Swiss Army knife for threat hunting, log processing, and security-focused data science
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
External monitoring for organization assets
The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!
AttackSurfaceMapper is a tool that aims to automate the reconnaissance process.
ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec.
In-depth attack surface mapping and asset discovery
Curated list of open-source & paid Attack Surface Monitoring (ASM) tools.
Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel.