- IRT Consulting LLC
- Phoenix, AZ
- incidentresponse.training
- @rj_chap
Stars
A repository hosting example goodware evtx logs containing sample software installation and basic user interaction
Documentation and scripts to properly enable Windows event logs.
Collection of Event ID resources useful for Digital Forensics and Incident Response
Event Tracing For Windows (ETW) Resources
PowerShell - Rapid Response... For the incident responder in you!
Portable Executable reversing tool with a friendly GUI
Rust port of Terry Davis' (RIP) "god says" program
Evasions encyclopedia gathers methods used by malware to evade detection when run in a virtualized environment. Methods are grouped into categories for ease of searching and understanding. Also provi…
dnSpyEx / dnSpy
Forked from dnSpy/dnSpy. Unofficial revival of the well-known .NET debugger and assembly editor, dnSpy
UAC is a powerful and extensible incident response tool designed for forensic investigators, security analysts, and IT professionals. It automates the collection of artifacts from a wide range of U…
Extracted data & information from the Conti & TrickBot leaks.
This repository provides the core to build your own External C2 Server and Connector for Brute Ratel C4
This repository contains scripts, configurations and deprecated payload loaders for Brute Ratel C4 (https://bruteratel.com/)
AOL® 3.0 32-bit client software for use with the P3OL server project.
Port of the original 1996 game from Ambrosia Software.
This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.
Code and YARA rules to detect and analyze Cobalt Strike
Cobalt Strike Beacon configuration extractor and parser.
BC-SECURITY / Empire
Forked from EmpireProject/Empire. Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
LimeRAT | Simple, yet powerful remote administration tool for Windows (RAT)