Skip to content
View s-Fl's full-sized avatar
10 followers · 9 following

Achievements

Achievement: Pull Shark

Achievements

Achievement: Pull Shark

Block or report s-Fl

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
Stars

🛡️ Blue team services

27 repositories

google / timesketch

Collaborative forensic timeline analysis

Python 2,829 615 Updated Aug 7, 2025

NextronSystems / APTSimulator

A toolset to make a system look as if it was the victim of an APT attack

Batchfile 2,635 444 Updated Jun 16, 2023

reversinglabs / reversinglabs-yara-rules

ReversingLabs YARA Rules

YARA 837 113 Updated Jun 30, 2025

JPCERTCC / LogonTracer

Investigate malicious Windows logon by visualizing and analyzing Windows event log

Python 2,965 469 Updated Jun 21, 2024

trustedsec / SysmonCommunityGuide

TrustedSec Sysinternals Sysmon Community Guide

Shell 1,229 175 Updated Jul 18, 2025

BushidoUK / Ransomware-Tool-Matrix

A resource containing all the tools each ransomware gangs uses

1,100 121 Updated Jul 7, 2025

cudeso / proof-value-cti

Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.

51 4 Updated Oct 23, 2024

DependencyTrack / dependency-track

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java 3,177 660 Updated Aug 7, 2025

CERT-Polska / karton

Distributed malware processing framework based on Python, Redis and S3.

Python 434 47 Updated Aug 4, 2025

cybershujin / Threat-Actors-use-of-Artifical-Intelligence

256 21 Updated Jan 15, 2025

wagga40 / Zircolite

A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs

Python 734 104 Updated Apr 6, 2025

Security-Onion-Solutions / securityonion

Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, detections…

Shell 3,863 554 Updated Aug 7, 2025

six2dez / reconftw

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Shell 6,579 1,035 Updated Jun 3, 2025

log2timeline / dftimewolf

A framework for orchestrating forensic collection, processing and data export

Python 326 73 Updated Jul 28, 2025

danielpoliakov / lisa

Sandbox for automated Linux malware analysis.

Python 481 93 Updated May 1, 2023

splunk / attack_data

A repository of curated datasets from various attacks

Python 668 113 Updated Aug 8, 2025

certsocietegenerale / FIR

Fast Incident Response

JavaScript 1,920 514 Updated Jul 28, 2025

Bert-JanP / Hunting-Queries-Detection-Rules

KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.

Python 1,512 285 Updated Jul 23, 2025

DFIRKuiper / Kuiper

Digital Forensics Investigation Platform

JavaScript 839 116 Updated Oct 12, 2024

YARAHQ / yara-forge

Automated YARA Rule Standardization and Quality Assurance Tool

Python 232 30 Updated Aug 10, 2025

taranis-ai / taranis-ai

Taranis AI is an advanced Open-Source Intelligence (OSINT) tool, leveraging Artificial Intelligence to revolutionize information gathering and situational analysis.

Python 771 92 Updated Aug 8, 2025

BlackSnufkin / LitterBox

A secure sandbox environment for malware developers and red teamers to test payloads against detection mechanisms before deployment. Integrates with LLM agents via MCP for enhanced analysis capabil…

YARA 1,068 116 Updated May 29, 2025

LOTTunnels / LOTTunnels.github.io

HTML 104 10 Updated Jul 8, 2025

arkime / arkime

Arkime is an open source, large scale, full packet capturing, indexing, and database system.

JavaScript 6,730 1,085 Updated Aug 8, 2025

gabime / spdlog

Fast C++ logging library.

C++ 27,005 4,873 Updated Aug 7, 2025

0x4D31 / awesome-threat-detection

✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️

4,285 719 Updated Jul 15, 2024

LetsDefend / awesome-soc-analyst

Useful resources for SOC Analyst and SOC Analyst candidates.

790 139 Updated Aug 28, 2023