Easy alternative to Blood Hound

FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log ag…

Simple and efficient pytorch-native transformer text generation in <1000 LOC of python.

Command and Control (C2) framework

Control for Tapo cameras as a Home Assistant component

Diffusion Bee is the easiest way to run Stable Diffusion locally on your M1 Mac. Comes with a one-click installer. No dependencies or technical knowledge needed.

This shared library allows to control Eufy security devices by connecting to the Eufy cloud servers and local/remote stations over p2p.

SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.

Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS

A vulnerability scanner for container images and filesystems

CLI tool and library for generating a Software Bill of Materials from container images and filesystems

kill anti-malware protected processes ( BYOVD) (Microsoft Won )

Lifetime AMSI bypass

Live Feed of C2 servers, tools, and botnets

Process Monitor Library (based on Apple's new Endpoint Security Framework)

ThreatModel for Amazon S3 - Library of all the attack scenarios on Amazon S3, and how to mitigate them following a risk-based approach

Suricata rule and intel index

This project aims to compare and evaluate the telemetry of various EDR products.

Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" macOS binaries and how they can be used by threat actors for m…

singe's grep - a fast grep using single-file parallelism

monitor macOS for malicious activity

Unit tests for blue teams to aid with building detections for some common macOS post exploitation methods.

A DFIR tool to collect artifacts on macOS

A macOS enumeration tool inspired by harmjoy's Windows-based Seatbelt enumeration tool. Author: Cedric Owens

This repository contains OpenIOC rules to aid in hunting for indicators of compromise and TTPs focused on Advanced Persistent Threat groups.

🤖 🔥 Language-to-actions engine

7 Streamlit Implementations of simple LangChain projects

Terraform GraphQL plugin to automate the full life-cycle of graphql api resources.

Contrib repository for the OpenTelemetry Collector