Docker Container for Penetration Testing/Red Teaming

Easy to extend initial access scenario to help with EDR testing on Linux and Mac

This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.

Mitre ATT&CK framework tactics and techniques in markdown format for best use in Obsidian

A Sandcat plugin to manage all macOS, Windows, and Linux abilities.

A library of post-exploitation MacOS scripts based on threat emulation, LOObins, CTI, and MITRE ATT&CK.

Enterprise-grade solution eliminating persistent MITRE technique lookup failures affecting thousands of Wazuh installations worldwide. Fixes both UUID compatibility and obsolete rule modernization.

This is a proof-of-work for abusing "fsmonitor" against IDE.

A forensic analysis of a simulated cyber-physical attack on Thames Water, exploring network intrusion, OT sabotage, and disinformation tactics.

Cybersecurity lab demonstrating MITRE ATT&CK T1110 brute force attack simulation using Kali Linux and Hydra. Includes reconnaissance, attack execution, IoC analysis, and SOC defense strategies with Fail2Ban and 2FA implementation.

Multi-layered AWS security architecture with Wazuh SIEM, SOAR automation, CSPM, and network segmentation achieving <29-second threat response

Claude Code plugin — 18 cybersecurity domains: IR, DFIR, DevSecOps, SOC, Code Security, Container, Compliance, Cloud/CSPM, Zero Trust, AI/ML, API, Vulnerability Mgmt, Threat Intel, OT/ICS, Governance. Bilingual Thai+English.

Open-source security operations center (SOC) lab environment designed for defenders, detection engineers, and security analysts to learn and practice blue team tradecraft in a controlled, reproducible, and fork-friendly setting.

Modern Purple Team Lab: Intentionally vulnerable Ubuntu 24.04 environment for security research, MITRE ATT&CK mapping, and SIEM detection engineering

Prácticas de Seguridad Informática: criptografía, TLS 1.3, hardening, auditoría web (OWASP), IDS (Suricata), pentesting (NIST 800-115, MITRE ATT&CK)

Production-grade Kubernetes security lab with 5 attack scenarios, automated detection (Trivy/Falco/Kubescape), and hands-on exploitation

Autonomous Vigilance Engine for Reconnaissance Yield

Cybersecurity portfolio — OWASP, MITRE ATT&CK methodology, cheatsheets, and writeups

SOC Detection Engineering & Incident Investigation with Wazuh across Linux and Windows endpoints

Detection rules for the Claude Code source leak : 16 Sigma rules, Splunk, Elastic, YARA. Lab-validated on GOAD Light DC02.