Stars
A security analysis tool that identifies DNS queries made by browser extensions, empowering security teams to detect and investigate suspicious activities.
Tool designed to exfiltrate OneDrive Business OCR Data
lolC2 is a collection of C2 frameworks that leverage legitimate services to evade detection
Venture: Cross-Platform GUI tool for parsing and analyzing Windows event logs
🧰 ESXi Testing Toolkit is a command-line utility designed to help security teams test ESXi detections.
DFIR LABS - A compilation of challenges that aims to provide practice in simple to advanced concepts in the following topics: Digital Forensics, Incident Response, Malware Analysis and Threat Hunting.
A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes.
A Kubernetes deployable instance of GroundX for document parsing, storage, and search.
A fast CSV command line toolkit written in Rust.
A simple application that extracts your IoCs from garbage input and checks their reputation using multiple CTI services.
Repository with selected IOCs and YARA rules for threat hunting.
A repository of credential stealer formats
Cheat sheet to detect and remove linux kernel rootkit
Sophos-originated indicators-of-compromise from published reports
A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as KAPE and THOR Cloud and more.
The Linux port of the Sysinternals Sysmon tool.
Mind maps for cyber security technologies, methodologies, courses, and certifications, organized in a tree structure to give brief details about each.
A tiny program to consume events from ETW providers for research.
RpcView is a free tool to explore and decompile Microsoft RPC interfaces
Depix is a PoC for a technique to recover plaintext from pixelized screenshots.