Stars
Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.
Python idiomatic SDK for Cortex™ Data Lake.
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
A PowerPoint add-in that splits slides according to slideshow-time animation effects
✏️ Free open source alternative to TypeForm, TellForm, or Google Forms ⛺
Deobfuscate batch scripts obfuscated using string substitution and escape character techniques.
Reworked version of NCC Group's [SharpZeroLogon](https://github.com/nccgroup/nccfsas/tree/main/Tools/SharpZeroLogon) for .NET Framework 3.5
Command line tool that shows the currently installed "classic" .NET versions in your system
Use Svendsen Tech's Get-STDotNetVersion function to get a list of installed .NET Framework versions on (remote) Windows computers. I also added a simple solution for .NET 5+
Passive hostname, domain and IP lookup tool for non-robots
Methods for attacking KeePass 2.X databases, including extraction of encryption key material from memory.
Xournal++ is a handwriting notetaking software with PDF annotation support. Written in C++ with GTK3, supporting Linux (e.g. Ubuntu, Debian, Arch, SUSE), macOS and Windows 10. Supports pen input fr…
Extract one time password (OTP) secrets from QR codes exported by two-factor authentication (2FA) apps such as "Google Authenticator". The exported QR codes from authentication apps can be captured…
PowerShell for CrowdStrike's OAuth2 APIs
Library and tools to access the Windows XML Event Log (EVTX) format
A modern Python-3-based alternative to RegRipper
BulkStrike enables the usage of CrowdStrike Real Time Response (RTR) to bulk execute commands on multiple machines.
Active Directory Control Paths auditing and graphing tools
Parses amcache.hve files, but with a twist!
An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.
Repository with Sample threat hunting notebooks on Security Event Log Data Sources
Windows Prefetch parser. Supports all known versions from Windows XP to Windows 10.
A Cloud Forensics PowerShell module to run threat hunting playbooks on data from Azure and O365
Sample queries for Advanced hunting in Microsoft 365 Defender