Stars
An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and security implications
Fully functional, from-scratch alternative to the Cobalt Strike Beacon (red teaming tool), offering transparency and flexibility for security professionals and enthusiasts.
Extracted Yara rules from Windows Defender mpavbase and mpasbase
An easy-to-use, cross-platform utility for capturing and diffing file system metadata snapshots.
PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices.
Authentication Mapper - helping blue-teams analyze authentication activity in Active Directory networks.
Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indicator matches.
VTC - Velociraptor Timeline Creator
A background jobs library for Go that allows pluggable brokers/store for distribution.
Documentation for https://ipapi.is/ and repository for the Geolocation, ASN and Hosting Ranges databases.
Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems.
Tooling to generate metadata for Win32 APIs in the Windows Driver Kit (WDK).
Update and use YARA rules from across the Internet against targeted files or directories.
Fileless Command Execution for Lateral Movement in Nim
</> htmx - high power tools for HTML
Asynchronous Remote Evidence Retrieval for rapid network-wide threat hunting
A lightweight shared library for RimWorld modding.
Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder](https://github.com/redcanaryco/atomic-red-team/tree/master/atomics) of Red Canary's Atomic Red Team p…
Pester is the ubiquitous test and mock framework for PowerShell.
PowerShell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made w…