🕵️ forensics
Indicators from Amnesty International's investigations
🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙♀️
Simple (relatively) things allowing you to dig a bit deeper than usual.
Small and convenient C2 tool for Windows targets. [ Russian -- means fuck off! ]
A tool to scan for .DS_Store files on webservers
A binary static analysis tool that provides security and correctness results for Windows Portable Executable and *nix ELF binary formats
LeakLooker GUI - Discover, browse and monitor database/source code leaks
SQL powered operating system instrumentation, monitoring, and analytics.
Arkime is an open source, large scale, full packet capturing, indexing, and database system.
A tool dedicated to the research of vulnerabilities in hypervisors by creating unusual system configurations.
Procmon is a Linux reimagining of the classic Procmon tool from the Sysinternals suite of tools for Windows. Procmon provides a convenient and efficient way for Linux developers to trace the syscal…
Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.
✨ A curated list of awesome threat detection and hunting resources 🕵️♂️
A collection of debugging stories. PRs welcome (sorry for the backlog) :-)
Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, Th…
Sysmon configuration file template with default high-quality event tracing
Tracking history of USB events on GNU/Linux
A repository of LIVE malware for your own joy and pleasure. theZoo is a project created to make malware analysis open and available to the public.
For all these times you're asking yourself "what is this panel again?"
Extract files from any kind of container formats
Monitor Linux processes without root permissions