Stars
Online resources related to SOC Analysts. Incident investigation reference material, blogs, newsletters, good reads, books, trainings, podcasts, Twitter/X accounts and a set of tools relevant to th…
Various public documents, whitepapers and articles about APT campaigns
Indicators of Compromise (IOCs) from malware or suspicious network traffic
PowerShell Digital Forensics & Incident Response Scripts.
Ink/Stitch: an Inkscape extension for machine embroidery design
Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
ArgFuscator.net is an open-source, stand-alone web application that helps generate obfuscated command lines for common system-native executables.
Some POCs for my BYOVD research and find some vulnerable drivers
Online resources related to Detection Engineering. Detection rules, detection logic, attack samples, detection tests and emulation tools, logging configuration and best practices, event log refere…
A tool to download all Pwned Passwords hash ranges and save them offline so they can be used without a dependency on the k-anonymity API
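The entry above is about taking the Pwned Passwords range data offline. The k-anonymity scheme it refers to works like this: the client hashes the password with SHA-1, sends only the first five hex characters of the hash, and receives every suffix in that range with a breach count; the full hash never leaves the client. Once the ranges are on disk, the same lookup runs with no network call. The following is an added example, not code from the tool or from Have I Been Pwned; the range line format (`<35-char suffix>:<count>`) is the real API format, while the one-file-per-prefix layout, the file names and the sample range contents are assumptions constructed for the example.

```python
import hashlib
import os
from typing import Callable, Dict, Tuple

# Constructed sample of what the range endpoint returns for prefix 5BAA6,
# trimmed to two lines. Real range files hold hundreds of suffixes each.
# The first line is the real entry for "password"; the second is filler.
SAMPLE_RANGES: Dict[str, str] = {
    "5BAA6": "\n".join([
        "1E4C9B93F3F0682250B6CF8331B7EE68FD8:3730471",
        "00A3D6F7F0B2A1A3C6C9C3B1F6B2E9D0E5F:2",
    ]),
}


def sha1_split(password: str) -> Tuple[str, str]:
    """Return (5-char prefix, 35-char suffix) of the uppercase SHA-1 hex digest."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def parse_range(text: str) -> Dict[str, int]:
    """Parse one range file into {suffix: count}.

    Entries with a count of 0 are padding the API can add to hide the true
    range size; they are kept here but never indicate a real breach.
    """
    counts: Dict[str, int] = {}
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        suffix, _, count = line.partition(":")
        counts[suffix.upper()] = int(count)
    return counts


def pwned_count(password: str, read_range: Callable[[str], str]) -> int:
    """Number of times the password appears in the breach corpus (0 if never).

    read_range(prefix) must return the raw text of that range; it can be an
    in-memory dict lookup (as in the sample) or a file read from the offline
    download. Only the prefix is ever passed out of this function.
    """
    prefix, suffix = sha1_split(password)
    try:
        text = read_range(prefix)
    except FileNotFoundError:
        return 0  # prefix not present offline: treat as not found
    return parse_range(text).get(suffix, 0)


def file_range_reader(directory: str) -> Callable[[str], str]:
    """Reader for an assumed offline layout of one file per prefix: <PREFIX>.txt."""
    def read(prefix: str) -> str:
        with open(os.path.join(directory, f"{prefix}.txt"), encoding="ascii") as f:
            return f.read()
    return read


def sample_reader(prefix: str) -> str:
    """Reader over the constructed in-memory sample; empty text for unknown prefixes."""
    return SAMPLE_RANGES.get(prefix, "")


if __name__ == "__main__":
    for candidate in ("password", "not-in-sample"):
        print(candidate, "->", pwned_count(candidate, sample_reader))
```

Against a real offline download you would swap `sample_reader` for `file_range_reader("/path/to/ranges")` (or whatever layout your downloader produced). Keep the suffix comparison case-insensitive, as above: some tooling writes the hashes in lowercase.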
ADXFlowmaster helps SecOps teams Threat Hunt suspicious network traffic inside & outside of Azure.
A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID
A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes.
Lightweight security tool for auditing your organization's Conditional Access Policies (CAPs) in Microsoft Entra ID for potential misconfigurations.
mick-schroeder / schroeder-cite
Forked from zotero/zoterobib
📝 Free and open-source software that automatically suggests citations and helps write a bibliography for you. Forked from zotero/bib-web.
Simple hunting script for suspicious M365 OAuth Apps
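The entry above points at a hunting script for suspicious M365 OAuth apps. The kind of triage such a hunt performs can be shown over a handful of records shaped like Microsoft Graph `servicePrincipal` and `oauth2PermissionGrant` objects: broad mailbox or directory scopes, `offline_access` paired with them (long-lived refresh tokens), tenant-wide admin consent, an external and unverified publisher, a recently created service principal, and a display name that borrows the Microsoft brand. The following is an added example written here, not the script's own logic; the records, the home tenant ID, the fixed clock and the scoring weights are constructed assumptions for illustration.

```python
from datetime import datetime, timedelta, timezone
from typing import Dict, List, Tuple

HOME_TENANT_ID = "11111111-1111-1111-1111-111111111111"   # constructed
NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)           # fixed clock for stable output

# Delegated scopes that grant broad data access; an assumed triage list.
RISKY_SCOPES = {
    "Mail.Read", "Mail.ReadWrite", "Mail.Send", "MailboxSettings.ReadWrite",
    "Files.Read.All", "Files.ReadWrite.All", "User.Read.All",
    "Directory.Read.All", "Directory.ReadWrite.All",
}

# Constructed records using real Graph field names (servicePrincipal, oauth2PermissionGrant).
SERVICE_PRINCIPALS: List[Dict] = [
    {"id": "sp-1", "appDisplayName": "Contoso Expense Portal",
     "appOwnerOrganizationId": HOME_TENANT_ID,
     "verifiedPublisher": {"displayName": None},
     "createdDateTime": "2022-03-10T09:00:00Z"},
    {"id": "sp-2", "appDisplayName": "Microsoft Mail Sync",
     "appOwnerOrganizationId": "22222222-2222-2222-2222-222222222222",
     "verifiedPublisher": {"displayName": None},
     "createdDateTime": "2024-05-29T14:12:00Z"},
    {"id": "sp-3", "appDisplayName": "Fabrikam CRM",
     "appOwnerOrganizationId": "33333333-3333-3333-3333-333333333333",
     "verifiedPublisher": {"displayName": "Fabrikam, Inc."},
     "createdDateTime": "2023-01-15T00:00:00Z"},
]
GRANTS: List[Dict] = [
    {"clientId": "sp-1", "consentType": "Principal", "principalId": "user-a",
     "scope": "User.Read"},
    {"clientId": "sp-2", "consentType": "AllPrincipals", "principalId": None,
     "scope": "openid profile offline_access Mail.ReadWrite Mail.Send"},
    {"clientId": "sp-2", "consentType": "Principal", "principalId": "user-b",
     "scope": "offline_access Mail.Read"},
    {"clientId": "sp-3", "consentType": "Principal", "principalId": "user-c",
     "scope": "User.Read Files.Read.All"},
]


def score_app(sp: Dict, grants: List[Dict], now: datetime = NOW) -> Tuple[int, List[str]]:
    """Score one service principal from its consent grants; higher is more suspicious."""
    score, reasons = 0, []
    scopes = set()
    admin_consent = False
    for g in grants:
        scopes.update(g["scope"].split())
        admin_consent |= g["consentType"] == "AllPrincipals"
    if admin_consent:
        score += 2
        reasons.append("tenant-wide (admin) consent")
    risky = sorted(scopes & RISKY_SCOPES)
    if risky:
        score += len(risky)
        reasons.append("risky scopes: " + ", ".join(risky))
    if "offline_access" in scopes and risky:
        score += 1
        reasons.append("offline_access with risky scopes (long-lived refresh tokens)")
    external = sp["appOwnerOrganizationId"] != HOME_TENANT_ID
    verified = bool((sp.get("verifiedPublisher") or {}).get("displayName"))
    if external and not verified:
        score += 2
        reasons.append("external app from unverified publisher")
    created = datetime.fromisoformat(sp["createdDateTime"].replace("Z", "+00:00"))
    if now - created < timedelta(days=30):
        score += 1
        reasons.append("service principal created in the last 30 days")
    # First-party Microsoft apps are also "external"; a real hunt allowlists
    # Microsoft's publisher tenants before applying this brand check.
    if external and "microsoft" in sp["appDisplayName"].lower():
        score += 2
        reasons.append("Microsoft brand in display name of non-home-tenant app")
    return score, reasons


def hunt(sps: List[Dict], grants: List[Dict]) -> List[Tuple[str, int, List[str]]]:
    """Score every service principal and return findings, most suspicious first."""
    by_client: Dict[str, List[Dict]] = {}
    for g in grants:
        by_client.setdefault(g["clientId"], []).append(g)
    findings = []
    for sp in sps:
        score, reasons = score_app(sp, by_client.get(sp["id"], []))
        findings.append((sp["appDisplayName"], score, reasons))
    return sorted(findings, key=lambda f: f[1], reverse=True)


if __name__ == "__main__":
    for name, score, reasons in hunt(SERVICE_PRINCIPALS, GRANTS):
        print(f"{score:2d}  {name}: {'; '.join(reasons) or 'nothing notable'}")
```

In a live tenant the two input lists come from `GET /servicePrincipals` and `GET /oauth2PermissionGrants`; everything else is the same. Thresholds and weights should be tuned against the tenant's own baseline of consented apps.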
Attack Graph Visualizer and Explorer (Active Directory) ...Who's *really* Domain Admin?
CIPP is a M365 multitenant management solution
The clarion call tells you if someone is logging into an AitM proxy that is proxying your M365 login page
📚 Community guides for open source creators
ASCII generator (image to text, image to image, video to video)
Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, build your tailor-made EASM tool, co…
A curated Cyber "Security Orchestration, Automation and Response (SOAR)" awesome list.
Cuckoo3 is a Python 3 open source automated malware analysis system.
Malware Configuration And Payload Extraction