Stars
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
An open-source, code-first Python toolkit for building, evaluating, and deploying sophisticated AI agents with flexibility and control.
A one stop repository for generative AI research updates, interview resources, notebooks and much more!
A simple-to-use IR (incident response) case management tool for tracking and documenting investigations.
Apache Iggy: Hyper-Efficient Message Streaming at Laser Speed
Official inference framework for 1-bit LLMs
Repository created to share information about tactics, techniques and procedures used by threat actors. Initially with ransomware groups and evolving to other types of threats.
Covenant is a collaborative .NET C2 framework for red teamers.
A little tool to play with Windows security
FakeNet-NG - Next Generation Dynamic Network Analysis Tool
A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.
lgandx / Responder
Forked from SpiderLabs/Responder
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…
JA3 is a standard for creating SSL client fingerprints in an easy to produce and shareable way.
Uses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory environments using some of the most common offensive …
KIISC Digital Forensics Challenge 2023 - Kimbabasaksaksak's WriteUp
Helm charts for running open source digital forensic tools in Kubernetes
TypeScript bindings for creating scripts for artemis
Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flow…
Augmentation to Machine Readable CTI
An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
Foundational Models for State-of-the-Art Speech and Text Translation
Standard collection of rules for capa: the tool for enumerating the capabilities of programs