Zeek
Zeek (formerly Bro) is an open-source and commercial passive Network Monitoring tool (traffic analysis framework) developed by Lawrence Berkeley Labs. Today, Zeek is supported by several developers...
Filters Use the following filters to refine your Shodan searches: # Search by ASN (Autonomous System Lookup) ASN:[NUMBER] # Search for specific products product:mysql product:nginx product:"VNC"...
Installation # clone repo git clone https://github.com/imartinez/privateGPT.git # enter repo cd privateGPT # create virtual environment python3 -m venv venv # enter environment source ...
Example Rule Below is an example Sigma rule to detect file or folder permission changes: title: File or Folder Permissions Change id: 74c01ace-0152-4094-8ae2-6fd776dd43e5 status: test description...
“A threat-hunting hypothesis, much like a scientific hypothesis, is a statement of an idea or explanation to test against data.”[1] The three threat-hunting hypothesis types: Threat intelligence-based...
Questions an investigation tries to answer: Who (source IP and port) What (data/payload) Where (destination IP and port) When (time and date) Why (How/What happen...
Installation # PowerShell Import-Module "invoke-atomicredteam\Invoke-AtomicRedTeam.psd1" -Force $PSDefaultParameterValues = @{"Invoke-AtomicTest:PathToAtomicsFolder"="AtomicRedTeam\atomics"} How...
How to Install Attack Range Create an attack_config.yml build the environment start your tests stop the environment optional: destroy your environment Basic commands #Builds a new ...
Execute chainsaw # mapping is a folder from chainsaw github ./chainsaw hunt -r rules/ evtx_attack_samples -s sigma/rules --mapping mappings/sigma-event-logs-all.yml --level critical Install # c...
Features Proxy allows you to intercept and modify requests/responses Repeater allows you to capture, modify, then resend the same request numerous times Intrude...