Stars
Code included as part of the MustLearnKQL blog series
Elastic Security detection content for Endpoint
The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially given projects requiring both technologies (Splunk and Azure/Sentinel) or …
3 tools that work together to simplify reconnaissance of Windows File Shares
Bash script to parse multiple Nmap (.gnmap) exports into various plain-text formats for easy analysis.
😎 Awesome list of all things related to Microsoft Entra
KQL Queries. Microsoft Defender, Microsoft Sentinel
SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
lgandx / Responder
Forked from SpiderLabs/Responder
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…
Sophos-originated indicators-of-compromise from published reports
Microsoft Threat Protection Advance Hunting Cheat Sheet
Azure Security Resources and Notes
Red Teaming Tactics and Techniques
Wordlists for creating statistically likely username lists for use in password attacks and security testing
Group Policy Eater is a PowerShell module that aims to gather information about Group Policies but also allows fixing issues that you may find in them.
M365/Azure adversary simulation tool that generates realistic attack telemetry to help blue teams improve their detection and response capabilities.
Scripts and Content for working with Open AI
the transparent ransomware claim tracker 🥷🏼🧅🖥️
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …
This repo is used to host the source for the Microsoft 365 documentation on https://docs.microsoft.com.
Slides from BSides Columbus 2023 - Secure Your Career With A Personal Brand
The TTPForge is a Cybersecurity Framework for developing, automating, and executing attacker Tactics, Techniques, and Procedures (TTPs).
This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts.