Main KNULLI distribution

Shodan Dorks

List of MurmurHash3 favicon hashes of widely used technologies by vendor to search with Shodan.

Repository for storage of Axon Rapid Response related queries, scripts and more

Implementing the CIS Critical Controls (almost) for Free

Set of Mindmaps providing a detailed overview of the different #Microsoft auditing capacities for Windows, Exchange, Azure,...

Repository and archive for Killing The Bear Gitbook

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

Homebridge Docker. HomeKit support for the impatient using Docker on x86_64, Raspberry Pi (ARM64). Includes ffmpeg + libfdk-aac.

Community guide to securing and improving privacy on macOS.

Automatic detection engineering technical state compliance

MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.

An interactive, terminal-based markdown presenter

A collection of modern/faster/saner alternatives to common unix commands.

Solitude is a privacy analysis tool that enables anyone to conduct their own privacy investigations. Whether a curious novice or a more advanced researcher, Solitude makes the process of evaluating…

SIEGMA - Transform Sigma rules into SIEM consumables

A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.

A tool to de-fang and re-arm malicious URLs.

Documentation and supporting script sample for Windows Exploit Guard

A collection of scripts for assessing Microsoft Azure security

Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!

PeaceMaker Threat Detection is a Windows kernel-based application that detects advanced techniques used by malware.

Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.

Retired beginner/intermediate malware analysis training materials from @pedramamini and @erocarrera.

Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups

An easy ATT&CK-based Sysmon hunting tool, showing in Blackhat USA 2019 Arsenal

A respository for MDATP PowerBI Templates

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

Powershell Based tool for gathering information related to O365 intrusions and potential Breaches

Tools to set up a quick macOS VM in QEMU, accelerated by KVM.