Neo23x0's Repositories

100 repositories

100DaysOfYARA2023
Rules Shared by the Community from 100 Days of YARA 2023
⭐ 2 🌐 Public
agile-hacking
Collection of hacks that make use of the least available on victim systems
⭐ 8 🌐 Public
alert_manager
Extended Splunk Alert Manager with advanced reporting on alerts, workflows (modify assignee, status, severity) and auto-resolve features
⭐ 5 🌐 Public
ALFA-SHELL-V2.5
ALFA-SHELL-V2.5.3
⭐ 1 🌐 Public
asgard-playbooks
No description
⭐ 3 🌐 Public
atomic-threat-coverage
Knowledge base of analytics designed to cover threats based on MITRE's ATT&CK.
⭐ 23 🌐 Public
ATTACK-Python-Client
Python Script to access ATT&CK content available in STIX via a public TAXII server
⭐ 6 🌐 Public
auditd
Best Practice Auditd Configuration
⭐ 1731 🌐 Public
awesome-yara
A curated list of awesome YARA rules, tools, and people.
⭐ 33 🌐 Public
betterdefaultpasslist
No description
⭐ 3 🌐 Public
bfg
No description
⭐ 4 🌐 Public
BlockWindows
Stop Windows 10 Nagging and Spying. Works with Win7-10
⭐ 9 🌐 Public
BloodHound
Six Degrees of Domain Admin
⭐ 5 🌐 Public
BlueLedger
A list of my personal projects
⭐ 177 🌐 Public
BlueTeam-Tools
Tools and Techniques for Blue Team / Incident Response
⭐ 23 🌐 Public
CAPEv2
Malware Configuration And Payload Extraction
⭐ 2 🌐 Public
Cortex-Analyzers
Cortex Analyzers Repository
⭐ 3 🌐 Public
cpython
The Python programming language
⭐ 4 🌐 Public
CredsSpreader
A tool to spread canary credentials in your organisation
⭐ 8 🌐 Public
CVE-2018-0802
PoC Exploit for CVE-2018-0802 (and optionally CVE-2017-11882)
⭐ 3 🌐 Public
CVE-2019-11510
Exploit for Arbitrary File Read on Pulse Secure SSL VPN (CVE-2019-11510)
⭐ 2 🌐 Public
CVE-2019-19781
Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix Gateway [ CVE-2019-19781 ]
⭐ 3 🌐 Public
cve-2021-21985_exp
cve-2021-21985 exploit
⭐ 2 🌐 Public
cyber-chef-recipes
Recipes for GCHQ's CyberChef Web App
⭐ 38 🌐 Public
Cyber-Search-Shortcuts
Browser Shortcuts for Cyber Security Related Online Services
⭐ 78 🌐 Public
DailyIOC
IOC from articles, tweets for archives
⭐ 4 🌐 Public
dateparser
python parser for human readable dates
⭐ 2 🌐 Public
defensive-project-ideas
Ideas for projects for defensive research or blue teaming
⭐ 10 🌐 Public
DeleteShadowCopies
Deleting Shadow Copies In Pure C++
⭐ 4 🌐 Public
Detection
No description
⭐ 2 🌐 Public
detection-1
Detection in the form of Yara, Snort and ClamAV signatures.
⭐ 2 🌐 Public
Detection-2
No description
⭐ 1 🌐 Public
detection-rules
Collection of my own detection rules
⭐ 3 🌐 Public
DLLRunner
Smart DLL execution for malware analysis in sandbox systems
⭐ 142 🌐 Public
doublepulsar-detection-script
A Python 2 script for sweeping a network to find Windows systems compromised with the DOUBLEPULSAR implant.
⭐ 4 🌐 Public
evt2sigma
Log Entry to Sigma Rule Converter
⭐ 108 🌐 Public
exotron
Sandbox feature upgrade with the help of wrapped samples
⭐ 76 🌐 Public
Fenrir
Simple Bash IOC Scanner
⭐ 772 🌐 Public
flowsynth
a network packet capture compiler
⭐ 2 🌐 Public
Fnord
Pattern Extractor for Obfuscated Code
⭐ 300 🌐 Public
GCTI
No description
⭐ 0 🌐 Public
go-grr-apiclient
Golang API client for GRR Rapid Response
⭐ 2 🌐 Public
go-yara
Go bindings for YARA
⭐ 1 🌐 Public
god-mode-rules
God Mode Detection Rules
⭐ 134 🌐 Public
grr
GRR Rapid Response: remote live forensics for incident response
⭐ 6 🌐 Public
harpoon
CLI tool for open source and threat intelligence
⭐ 4 🌐 Public
icedid_analysis
This repository contains analysis scripts, YARA rules, and additional IoCs related to the blog post "Let’s set ice on fire: Hunting and detecting IcedID infections".
⭐ 2 🌐 Public
ImpHash-Generator
PE Import Hash Generator
⭐ 79 🌐 Public
imphash-go
Imphash Generator
⭐ 1 🌐 Public
InfoSec-Black-Friday
All the deals for InfoSec related software/tools this Black Friday
⭐ 2 🌐 Public
ioc_signatures
No description
⭐ 4 🌐 Public
IRNotes
Some IR notes
⭐ 17 🌐 Public
KittyStager
KittyStager is a simple stage 0 C2. It is made of a web server to host the shellcode and an implant, called kitten. The purpose of this project is to be able to have a web server and some kittens and be able to use them with any shellcode.
⭐ 1 🌐 Public
klara
Kaspersky's GReAT KLara
⭐ 7 🌐 Public
Koh
The Token Stealer
⭐ 0 🌐 Public
language-thor
Syntax Theme for THOR APT Scanner log files
⭐ 5 🌐 Public
laurel
Transform Linux Audit logs for SIEM usage
⭐ 4 🌐 Public
littlesnitch-log-exporter
LittleSnitch Log Statistics Exporter
⭐ 35 🌐 Public
log4shell-detector
Detector for Log4Shell exploitation attempts
⭐ 728 🌐 Public
Loki
Loki - Simple IOC and YARA Scanner
⭐ 3697 🌐 Public
loki-cloud
A flexible and lightweight way to execute LOKI on end systems
⭐ 3 🌐 Public
Loki2
LOKI2 - Simple IOC and YARA Scanner
⭐ 109 🌐 Public
LOLSecIssues
Cybersecurity's lighter side: a collection of the most amusing misunderstandings and missteps from newcomers to offensive security tools. A repository where naiveté in infosec is met with humor.
⭐ 58 🌐 Public
malware-gems
A not so awesome list of malware gems for aspiring malware analysts
⭐ 6 🌐 Public
malware-ioc
Indicators of Compromise (IOC) from our various investigations
⭐ 9 🌐 Public
malware-signatures
Yara rules for malware families seen as part of targeted threats project
⭐ 11 🌐 Public
mimipenguin
A tool to dump the login password from the current linux user
⭐ 3 🌐 Public
Misc-PowerShell-Stuff
random powershell goodness
⭐ 4 🌐 Public
Misc-Windows-Hacking
Miscellaneous projects related to attacking Windows.
⭐ 4 🌐 Public
munin
Online hash checker for Virustotal and other services
⭐ 840 🌐 Public
naive-bayes-classifier
yet another general purpose naive bayesian classifier.
⭐ 5 🌐 Public
narsil
Spy Agency Teasing
⭐ 14 🌐 Public
neolog
Windows Syslog Command Line Client
⭐ 15 🌐 Public
NimPackt-v1
Nim-based assembly packer and shellcode loader for opsec & profit
⭐ 2 🌐 Public
NimPlant
A light-weight first-stage C2 implant written in Nim.
⭐ 3 🌐 Public
nmap-nse-scripts
My collection of nmap NSE scripts
⭐ 6 🌐 Public
NoCat
A harmless Netcat-lookalike for detection testing. Simulates NC-style command-line flags and listener behavior without exposing a real backdoor or shell.
⭐ 26 🌐 Public
OTX-Python-SDK
Open Threat Exchange is an open community that allows participants to learn about the latest threats, research indicators of compromise observed in their environments, share threats they have identified, and automatically update their security infrastructure with the latest indicators to defend their environment.
⭐ 3 🌐 Public
panopticon
A YARA Rule Performance Measurement Tool
⭐ 61 🌐 Public
PassTweaker
Tweaks password files to match modern password requirements
⭐ 5 🌐 Public
pe-sieve
a small tool for investigating inline hooks (and other in-memory code patches)
⭐ 8 🌐 Public
pefile-go
Golang port of pefile
⭐ 3 🌐 Public
plyara
Parse Yara rules and operate over them more easily.
⭐ 2 🌐 Public
plyara-1
Parse YARA rules and operate over them more easily.
⭐ 6 🌐 Public
PowerCat
A PowerShell TCP/IP swiss army knife.
⭐ 5 🌐 Public
PowerMemory
Exploit the credentials present in files and memory
⭐ 6 🌐 Public
prisma
Command Line STDOUT Colorer
⭐ 30 🌐 Public
protections-artifacts
Elastic Security detection content for Endpoint
⭐ 0 🌐 Public
pyattck
A Python package to interact with the Mitre ATT&CK Framework
⭐ 7 🌐 Public
pyminifier
Pyminifier is a Python code minifier, obfuscator, and compressor.
⭐ 4 🌐 Public
PyMISP
Python library using the MISP Rest API
⭐ 5 🌐 Public
Raccine
A Simple Ransomware Vaccine
⭐ 975 🌐 Public
radiocarbon
Leak File Analyzer
⭐ 62 🌐 Public
RedPeanut
RedPeanut is a small RAT developed in .Net Core 2 and its agent in .Net 3.5 / 4.0.
⭐ 3 🌐 Public
ReginScanner
Scanner for Regin Virtual Filesystems
⭐ 26 🌐 Public
Rewind
Immediate Virus Infection Counter Measures
⭐ 63 🌐 Public
rules
Repository of yara rules
⭐ 10 🌐 Public
shellbags
Cross-platform, open-source shellbag parser
⭐ 1 🌐 Public
ShimCacheParser
No description
⭐ 4 🌐 Public
Sigma_rules
Random sigma rules to share with the community
⭐ 2 🌐 Public