Logging Made Easy (LME) is a no-cost and open logging and protective monitoring solution serving all organizations.

Diffusion Bee is the easiest way to run Stable Diffusion locally on your M1 Mac. Comes with a one-click installer. No dependencies or technical knowledge needed.

Azure KQL Hunter

ESF modular ingestion tool for development and research.

Quantified Self Personal Data Aggregator and Data Analysis

Dataset: All Bob Ross paintings

Machine Interrogation To Identify Gaps & Techniques for Execution

This repository was created to aid in the deployment/maintenance of the Sysmon service on a large number of computers.

PowerShell module for Azure Sentinel

A network packet forensics tool for SSH

Domain name permutation engine written in Go

An Active Defense and EDR software to empower Blue Teams

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

A tool for parsing breached passwords

Web app that provides basic navigation and annotation of ATT&CK matrices

[⛔️ Deprecated] Venator is a python tool used to gather data for proactive detection of malicious activity on macOS devices.

Timeline of Active Directory changes with replication metadata

ATT&CK Remote Threat Hunting Incident Response

Random security related items such as scripts, regex, config files, etc...

PowerShell rebuilt in C# for Red Teaming purposes

Aggressor scripts I've made for Cobalt Strike

Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources

Collection of Aggressor Scripts for Cobalt Strike

All materials from our Black Hat 2018 "Subverting Sysmon" talk

Office365 Log Analysis Framework

Small and highly portable detection tests based on MITRE's ATT&CK.

D3 Force Directed visualization for Splunk.

Splunk Boss of the SOC v1 data set.

Utilities for Sysmon