This repository is dedicated to documenting different library files (DLLs) susceptible to exploitation through search order hijacking, including side-loading and phantom DLLs

GUI code for VTTL

VB Common Controls Replacement Library

IP addresses analyzed by ThreatIntelligenceAggregator.org

Rename television season episodes and extras organized by disc (folders)

The Ultimate Unified Hosts file for protecting your network, computer, smartphones and Wi-Fi devices against millions of bad web sites. Protect your children and family from gaining access to bad w…

Phishing Domains, urls websites and threats database. We use the PyFunceble testing tool to validate the status of all known Phishing domains and provide stats to reveal how many unique domains use…

Sort YARA Rules by File Type

This script will take the CSV output and create a CSV with endpoints grouped by CVE and one with NVD descriptions

SentinelOne Blacklist Export

Takes a list of domains and output one unique domain structure for each unique second (or third) level domain

Lookup file hashes, domain names and IP addresses using various vendors to assist with triaging potential threats.

A collection of PowerShell scripts I have created during my career - some from IT - most related to Computer Incident Response

A comprehensive PowerShell script to extract as much forensic information as possible from a mounted disk image. It also works with volatile data collected Volexity Volcano data.

Vectra Detect API example in Python

Query for SQL varbinary columns and write the results out to files using SqlDataReader, FileStream and BinaryWriter

Library and command line tool for interacting with Carbon Black environments.

Wrapper to fetch cve information from NVD

MSRC API for python

Process a CSV of tor alerts against the www.dan.me.uk/tornodes list to confirm if the IP and port are listed.

Converts dns names to Microsoft DNS debug format. Example: google.com becomes (6)google(3)com(0)

Zeek-Formatted Threat Intelligence Feeds

OWASP CRS (Official Repository)

Example API code in Python to work with MixMode PacketSled

YARA rules sorted by file type from the Yara-Rules/rules repository

Get your stuff out of CB Response/EDR.

Python 3 script downloads national vulnerability database, converts into .csv format, and appends years into one large file. Works on *nux or Windows.

Tracks the frequency of words that follow other words.

List of PowerShell commands and commandlets that should be in your Powershel watchlist