Awesome Security lists for SOC/CERT/CTI

A curated list of cybersecurity tools and resources.

Halberd : Multi-Cloud Attack Platform

Some Pentesters, Security Researchers, Red Teamers which i learned from them a lot...

Collection of script templates to create infinite UAC prompts forcing a user to run as admin ⚠

通过获取到的webshell流量、url、key来还原攻击者使用webshell所做的操作。

WEB-Wordlist-Generator creates related wordlists after scanning your web applications.

A tool that allows you to document and assess any security automation in your SOC

urlyzer is a URL parsing analysis tool.

This is a repo for cybersecurity analyst collecting artifacts in a incident response case.

This script detects typosquatting domains by generating typo variations of a given domain name, checking if they return a valid HTTP response, and running a WHOIS lookup to determine if the domain is registered, then generates an HTML report with the findings.

A script that webs scrapes multiple webpages for known vulnerable Windows Drivers, SHA256 hashes all system drivers, looks for matching driver names and SHA256 hashes.

Tools and Techniques for Blue Team / Incident Response

A script to that checks for active connections to known malicious foreign IP addresses.

Go script that finds a matching hash or a diff of a target hash in a directory.

Generate malware traces for detection tests

Convert Microsoft's driver blocklist to a EDR detection hash list for unsupported operating systems (eg. Win 7,8)

Hardsys

PyCanary: CMD line tool to monitor any directory for file access or file changes, log event, send basic alert to user, and dump and process information collected. There is also a background thread monitoring all created processes and logging them for later analysis.

Free Tools Index aims to track and share free penitration testing and blue team tools.