Documentation and scripts to properly enable Windows event logs.

An AI-powered threat modeling tool that leverages OpenAI's GPT models to generate threat models for a given application based on the STRIDE methodology.

LotL RMM

Network Enumeration Script

TRACE is a digital forensic analysis tool that provides a user-friendly interface for investigating disk images.

Sysmon configuration file templates with advanced event tracing and blocking

Structured Text Generation

Powershell script to apply hardening recomendation in ESXi hosts 6.5 and 6.7

Memory acquisition for Linux that makes sense.

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

Everything related to Linux Forensics

A collection of real-world threat model examples across various technologies, providing practical insights into identifying and mitigating security risks.

RedEye is a visual analytic tool supporting Red & Blue Team operations

Testing datasets and tools to compare WAF efficacy

📜 A collection of wordlists for many different usages

Lists and configuration for our DNS blocking service

Windows Forensics Environment Builder

Use Cloudflare Gateway DNS/VPN to block ads, malware and tracking domains - free alternative to NextDNS, Pi-hole and Adguard

🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2024

Automation to assess the state of your M365 tenant against CISA's baselines

A utility for playing with cryptography, geared towards ransomware analysis.

This project aims to compare and evaluate the telemetry of various EDR products.

RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.

A repository for tracking events related to the MOVEit Transfer Cl0p Campaign

A fast, highly extensible, and event driven SMTP server

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …