This repo provides a list of telemetry features from EDR products and other endpoint agents such as Sysmon broken down by category. The main…
If you need to add new hardware you have to follow the following process: Create a hardware profile {name}.yaml file…
dnsx is a fast and multi-purpose DNS toolkit designed for running various probes through the retryabledns library. It supports multiple DNS queries, user…
This KQL query retrieves all Tor exit nodes from the official tor project website. Tor exit nodes are the gateways…
An innovative, open-source tool designed to streamline malware analysis by testing the effectiveness of multiple antivirus (AV) engines simultaneously. Developed…
CLay offers a unique and powerful feature that goes beyond traditional security measures. CLay takes deception to a new level…
Entraspray is a rewrite of MSOLSpray in python. The main purpose of this tool remains the same: to perform password spraying against…
IAT-Tracer V2 is a plugin for Tiny-Tracer framework (by @hasherezade) for automatically detecting and resolving functions' parameters out of the IAT or…
Gouge is a Burp Suite extension to extract or GOUGE all URLs. It is a Burp Suite extension written in…
Explore the capabilities of the Microsoft-Analyzer-Suite (Community Edition), a powerful collection of PowerShell scripts designed to enhance your security analysis.…