Name: Hilko Bengen
Type: User
Bio: Proud 1x developer, dev AND ops / rust / golang (also cgo), C, Shell, Perl, Python / Linux, Debian, Ubuntu / Security, DFIR, YARA. Cyber!
Twitter: _hillu
Location: Karlsruhe / Frankfurt, Germany
Hilko Bengen's Projects
GRR Rapid Response: remote live forensics for incident response
PIC lsass dumper using cloned handles
Debian packaging for IDA Pro
ifplugd-powered network link status notification for Go
Cross-platform Yara scanner written in Go
Transform Linux Audit logs for SIEM usage
LIEF - Library to Instrument Executable Formats
Simple local scanner for vulnerable log4j instances
Simple local scanner for applications containing vulnerable Spring libraries
Emacs major mode for editing Lua
Simple Probing Tool for Corporate Walled Garden Networks
The world's most hated IT stickers
Best Practice Auditd Configuration
Free, portable and lightweight Internet Relay Chat server
Enhancements for NMAP Script Engine SMB2/3 support
OpenVPN is an open source VPN daemon
A fairly quick data structure for matching a string against a large list of patterns.
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
pefile is a Python module to read and work with PE (Portable Executable) files
Run Splunk search from Emacs
Modular command-line threat hunting tool & framework.
Light-weight Dynamic Tracer for Linux
Some helpful preload libraries for pwning stuff.
A Simple Ransomware Vaccine
The Runner for GitHub Actions
Generic Signature Format for SIEM Systems
Signature base for my scanner tools
automatic enumeration and maintenance of Suricata monitoring interfaces