Hacking Books

A cross-platform baselining, threat hunting, and attack surface analysis tool for security teams.

Track and evaluate the performance of your investment portfolio across stocks, cryptocurrencies, and other assets.

A terminal spreadsheet multitool for discovering and arranging data

God Mode Detection Rules

Official Command Line Interface for the IPinfo API (IP geolocation and other types of IP data)

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

PowerShell Ransomware Simulator with C2 Server

Self‑healing Gossip Mesh C2 with Assisted Peer Discovery, Modular Post‑Exploitation, and OPSEC‑Focused Transport

This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL

Timeline of Active Directory changes with replication metadata

A library of Incident Response notebooks using Jupyter. We will show how you can leverage pre-defined notebook files to guide your incident responders in identifying, containing, eradicating, and r…

This project aims to compare and evaluate the telemetry of various EDR products.

Hunting queries and detections

CA Optics - Azure AD Conditional Access Gap Analyzer

Malicious traffic detection system

A collection of awesome penetration testing resources, tools and other shiny things

Collection of the cheat sheets useful for pentesting

A Plugin to show a diff, whenever recovering a buffer

Provides an advanced input.conf file for Windows and 3rd party related software with more than 70 different event log mapped to the MITRE Att&CK

This repository provide a json file for all Windows security Event IDs with lot of useful informations (Categories, GPO, Volume, Recommandations).

📝📊 Convert your CSV files into Markdown tables.

Automated CIS Benchmark Compliance Remediation for Ubuntu 22 with Ansible

Sparrow.ps1 was created by CISA's Cloud Forensics team to help detect possible compromised accounts and applications in the Azure/m365 environment.

Powershell Based tool for gathering information related to O365 intrusions and potential Breaches

Action for checking out a repo

Set up your GitHub Actions workflow with a specific version of Python

acquire is a tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container.

Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic artefacts from various disk and file formats, developed by Fox-IT (pa…