Tosint is a Telegram OSINT tool that extracts actionable intelligence from bot tokens and chat IDs for security investigations.

Firefox Decrypt is a tool to extract passwords from Mozilla (Firefox™, Waterfox™, Thunderbird®, SeaMonkey®) profiles

A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 Defender).

GPT-3 found hundreds of security vulnerabilities in this repo

Small and highly portable detection tests based on MITRE's ATT&CK.

Library of threat hunts to get any user started!

Sophos-originated indicators-of-compromise from published reports

Indicators from Unit 42 Public Reports

Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).

Tools for hunting for threats.

automated password spraying tool

Cloud-native SIEM for intelligent security analytics for your entire enterprise.

Kusto Query Language

DGA Domains detection

Sample queries for Advanced hunting in Microsoft 365 Defender

Cloud-native SIEM for intelligent security analytics for your entire enterprise.

Cloud-native SIEM for intelligent security analytics for your entire enterprise.

Repository of yara rules

Analyze the security of any domain by finding all the information possible. Made in python.

Analysis Correlation Engine

Syntactic detection of malicious (obfuscated) JavaScript files

Ghidra is a software reverse engineering (SRE) framework

Exploit Pack for Metasploit - Collection of modules gathered across time and internets

Post Exploitation Collection

Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique present…

Striker is an offensive information and vulnerability scanner.