Documentation and scripts to properly enable Windows event logs.

VeilTransfer is a data exfiltration utility designed to test and enhance the detection capabilities. This tool simulates real-world data exfiltration techniques used by advanced threat actors, allo…

An opensource sigma conversion tool built using pysigma

Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.

Rapidly Search and Hunt through Windows Forensic Artefacts

A list of cyber-chef recipes and curated links

Adversary Emulation Framework

Defences against Cobalt Strike

Repository with Sample KQL Query examples for Threat Hunting

Robust Python SDK and Command Line Client for interacting with IntelOwl's API.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Is this IP a C2 server?