Investigate malicious Windows logon by visualizing and analyzing Windows event log

A curated list of awesome readme tools. ✌

Mapping of open-source detection rules and atomic tests.

This Python script allows you to update parameters for multiple saved searches in a specific Splunk app. It provides the flexibility to update both simple key-value pairs and JSON dictionary parame…

A list of cool features of Git and GitHub.

Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)

Windows for ARM in a Docker container.

Windows inside a Docker container.

A simple tool designed to create Atomic Red Team tests with ease.

Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifyin…

Small and highly portable detection tests based on MITRE's ATT&CK.

log-slapper is an open-source offensive security tool designed for red-team operations as the post-exploit module and assessing your Splunk's security.

An informational repo about hunting for adversaries in your IT environment.

Shell Language Processing (SLP). Pre-processing of sh/bash/zsh/.. commands for Machine Learning models.

Machine Learning for Cyber Security

A collection of awesome resources for Splunk

✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

Main Sigma Rule Repository

👩‍💻👨‍💻 Awesome cheatsheets for popular programming languages, frameworks and development tools. They include everything you should know in one single file.

Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs

Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder](https://github.com/redcanaryco/atomic-red-team/tree/master/atomics) of Red Canary's Atomic Red Team p…

A list of useful payloads and bypass for Web Application Security and Pentest/CTF