Purpose-built OS for Kubernetes, fully managed by Kubernetes.

My homelab GitOps IaC repo

Cluster monitoring stack for clusters based on Prometheus Operator

Wife approved HomeOps driven by Kubernetes and GitOps using Flux

Writing custom backdoor payloads with C# - Defcon 27 Workshop

Cross platform rapid GUI framework for golang based on Dear ImGui.

Collection of C# projects. Useful for pentesting and redteaming.

A client implementation for the Tailscale HTTP API

Windows API wrappers for Go - useful for SysOps

Various PowerShell scripts that may be useful during red team exercise

A Ruleset to enhance detection capabilities of Ossec using Sysmon

Pentesting cheatsheet with all the commands I learned during my learning journey. Will try to to keep it up-to-date.

OpSec-safe Powershell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startup

Purple Team Resources for Enterprise Purple Teaming: An Exploratory Qualitative Study by Xena Olsen.

Powershell Based tool for gathering information related to O365 intrusions and potential Breaches

Checks running processes, process metadata, Dlls loaded into your current process and the each DLLs metadata, common install directories, installed services and each service binaries metadata, inst…

Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.

Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.

OSSEM Common Data Model

OSSEM Detection Model

Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsacyber

PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monitored Windows environments

A PowerShell script that automates the security assessment of Microsoft 365 environments.

A toolset to make a system look as if it was the victim of an APT attack

Cyber Incident Response Team Playbook Battle Cards

TrustedSec Sysinternals Sysmon Community Guide

OpenCTI Docker deployment helpers

Sigma rules from Joe Security

A Python package is used to execute Atomic Red Team tests (Atomics) across multiple operating system environments.

A TCP proxy used to expose services onto a tailscale network without root. Ideal for container environments.