HardeningKitty and Windows Hardening settings and configurations

Investigate malicious Windows logon by visualizing and analyzing Windows event log

Code included as part of the MustLearnKQL blog series

KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.

A PowerShell module for incident response and threat hunting.

Collection of KQL queries

Aliases and scripts to make common tasks easier.

Purple Team Resources for Enterprise Purple Teaming: An Exploratory Qualitative Study by Xena Olsen.

Terraform + Ansible deployment scripts for an Active Directory lab environment.

WTF are these binaries doing?! A list of benign applications that mimic malicious behavior.

GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]

Re-play Security Events

Start new PowerShell without etw and amsi in pure nim

A Python API for Hack the Box platform interaction

Python API for interacting with sigma rules.

Python based BloodHound data importer

My Pentest Tools

A wordlist that is kept up to date with the latest headlines to provide relevant words to human society

CVE-2021-40444 PoC

Red Team Attack Lab for TTP testing & research

Main Sigma Rule Repository

PingCastle - Get Active Directory Security at 80% in 20% of the time

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monitored Windows environments

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.