Deepfence PacketStreamer is a high-performance remote packet capture and collection tool. It is used by Deepfence's ThreatStryker security observability platform to gather network traffic on demand from cloud workloads for forensic analysis. Primary design goals: stay light (capture and stream, no additional processing); portability (works across virtual machines, Kubernetes and AWS Fargate; Linux and Windows).

This repository contains all the Incident Response Playbooks and Workflows of Company's SOC. Each folder contains a Playbook that is broken down into 6 sections as per NIST - 800.61 r2

A tale of EDR bypass methods | S3cur3Th1sSh1t
In a time full of ransomware as well as Advanced Persistent Threat (APT) incidents the importance of detecting those attacking groups has become increasingly important...

Labtainers include more than 50 cyber lab exercises and tools to build your own. Import a single VM appliance or install on a Linux system and your students are done with provisioning and administrative setup, for these and future lab exercises. Consistent lab execution environments and automated provisioning via Docker containers; multi-component network topologies on a modestly performing laptop computer; automated assessment of student lab activity and progress; individualized lab exercises to discourage sharing solutions.

Warhorse consists of a fully-featured Ansible playbook to deploy infrastructure in the cloud for conducting security assessments. The Playbook combines Terraform & Ansible to deploy and configure virtual machines for a wide range of use cases. This Playbook is highly customizable and includes operational security. No experience with Ansible or Terraform is required to use this Playbook.

Moonwalk, one of the (rare) tools for covering tracks. Erasing traces is the last step of the pentest methodology, and unfortunately a very underestimated one.

A cheat sheet for Azure pentests.

This repo contains a few components to aid in the analysis of open source packages, in particular to look for malicious software.

Supported versions of Hex-Rays products: every time we focus on the latest versions of IDA and Decompiler because we try to use the most recent features from new SDK releases. That means we tested only on recent versions of Hex-Rays products and do not guarantee stable work on previous generations.

badkeys checks public keys in a variety of formats for known vulnerabilities.