An Infrastructure as code proof of concept to deploy a bare minimum AD environment in AWS.

A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk

Quick and dirty PoC for checking whether a vulnerable version of xz-utils is installed (CVE-2024-3094)

Windows Malware Investigation Scripts & Docs

An automated Breach and Attack Simulation lab with terraform. Built for IaC stability, consistency, and speed.

Scripts for rapid Windows endpoint "tactical triage" and investigations with Velociraptor and KAPE

This is a fully automated Active directory Lab made with the purpose to reduce the hustle of creating it manually.

Automate the creation of a lab environment complete with security tooling and logging best practices

Vagrant provisioning scripts to create a simulated network environment for tabletop exercises

An open source project aimed to replicate the Windows SIFT Machine and tools used during SANS Courses minus any payware software.

Virus Total Free - IOC parser and report generator

PowerShell script to collect memory and (triage) disk forensics

Cyber Analytics Repository

A Proof-Of-Concept for the recently found CVE-2021-44228 vulnerability.

A Docker based LDAP RCE exploit demo for CVE-2021-44228 Log4Shell

Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228)

Spring Boot web application vulnerable to CVE-2021-44228, nicknamed Log4Shell.

Jupyter Notebooks for the Blue Team

A cli script to analyze an E-Mail in the eml format for viewing the header, extracting attachments etc.

[not maintained] Minecraft Network Defense - 2-4 player security education Minecraft scenario

PowerShell script utilized to pull several forensic artifacts from a live Win7 and WinXP system without WINRM.