kr3tu Goto Github PK

blue-team-detection-engineering-awesome

A list of useful Detection Engineering-related resources.

blue-team-one-liners

You didn't think I'd go and leave the blue team out, right?

blue-team-persistencesniper

Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Made with ❤️ by @last0x00

blue-team-sigma-hq

Generic Signature Format for SIEM Systems

blue-team-sigma-red-canary-2022

A repository of my own Sigma detection rules.

blue-team-yara-cyberthreatintel

Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups

deception-awesome-honeypots

an awesome list of honeypot resources

dfir-apt-hunter

APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity

dfir-awesome-incident-response

A curated list of tools for incident response

dfir-enablewindowslogsettings

Documentation and scripts to properly enable Windows event logs.

dfir-hayabusa

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

dfir-linux-forensics

Everything related to Linux Forensics

dfir-o365-extractor-suite

A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes.

green-team-python-for-defenders

Python for Defenders Course Resources

ir-playbooks-societe

Incident Response Methodologies 2022

mal-anal-malware-samples

Malware samples, analysis exercises and other interesting resources.

malware-anal-awesome-malware-and-reverse-engineering

malware-anal-capa

The FLARE team's open-source tool to identify capabilities in executable files.

malware-anal-hollows_hunter

Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).

malware-anal-process-hollowing

Great explanation of Process Hollowing (a Technique often used in Malware)

purple-team-aws-adversary-emulation

:cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud

purple-team-linux-purplelabs

This page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.

red-team-ad-attack-defense

Attack and defend active directory using modern post exploitation adversary tradecraft activity

red-team-ad-exploitation-cheat-sheet

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

red-team-ad-goad

Pentesting - game of active directory

red-team-ad-mindmap

Orange Cyberdefense mindmaps

red-team-atomic-red-canary

Small and highly portable detection tests based on MITRE's ATT&CK.

red-team-attack-scripts

Some usefull Scripts and Executables for Pentest & Forensics

red-team-awesome

List of Awesome Red Teaming Resources

red-team-awesome-web-security

🐶 A curated list of Web Security materials and resources.