Skip to content

@SCS-Labs SCS Labs

Change the repository type filter

All

    Repositories list

    68 repositories

    • TheWatchList

      Public
      Threat Feeds, Threat lists, and regular lists of known IP ranges and domains. It updates every 4 hours.
      liststhreatthreat-huntingthreat-sharingthreatintelthreat-analysisthreat-intelligencethreat-detectionthreatintelligencethreat-response
      11500Updated May 21, 2021May 21, 2021

    • rules

      Public
      Snort and Suricata Rules
      suricatacvesnortsuricata-rulesnort-rulessuricata-rules
      1300Updated May 18, 2021May 18, 2021

    • Sysmon-for-Security

      Public
      0000Updated May 17, 2021May 17, 2021

    • sigma

      Public
      Generic Signature Format for SIEM Systems
      Python
      2.2k000Updated May 16, 2021May 16, 2021

    • SysmonCommunityGuide

      Public
      TrustedSec Sysinternals Sysmon Community Guide
      CSS
      164000Updated May 15, 2021May 15, 2021

    • ansible-role-sysmon

      Public
      Ansible role for installing Sysmon with popular config files included.
      PowerShell
      MIT License
      3000Updated May 15, 2021May 15, 2021

    • sysmon-modular

      Public
      A repository of sysmon configuration modules
      PowerShell
      MIT License
      586000Updated May 14, 2021May 14, 2021

    • HAFNIUM-Microsoft-Exchange-0day

      Public
      CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065
      microsoft-exchangemicrosoft-exchange-server0dayzerodayproxylogoncve-2021-26855cve-2021-27065cve-2021-26857cve-2021-26858tweets
      4500Updated Apr 19, 2021Apr 19, 2021

    • Images

      Public
      0000Updated Apr 18, 2021Apr 18, 2021

    • Country-codes

      Public
      0000Updated Apr 9, 2021Apr 9, 2021

    • ossec-sysmon

      Public
      A Ruleset to enhance detection capabilities of Ossec using Sysmon
      PowerShell
      22000Updated Mar 13, 2021Mar 13, 2021

    • ptf

      Public
      The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.
      Python
      1.2k000Updated Mar 10, 2021Mar 10, 2021

    • elastic-reports

      Public
      0000Updated Feb 11, 2021Feb 11, 2021

    • Pentest-Toolkit

      Public
      reportingpentestingpentestexploitationpenetration-test
      0100Updated Feb 10, 2021Feb 10, 2021

    • ThreatPursuit-VM

      Public
      Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as well as threat hunters to get up and running quickly.
      PowerShell
      Other
      248000Updated Jan 20, 2021Jan 20, 2021

    • blocklist-ipsets

      Public
      ipsets dynamically updated with firehol's update-ipsets.sh script
      Shell
      382100Updated Jan 18, 2021Jan 18, 2021

    • ipsets

      Public
      0000Updated Dec 31, 2020Dec 31, 2020

    • commando-vm

      Public
      Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@fireeye.com
      PowerShell
      Apache License 2.0
      1.3k000Updated Dec 21, 2020Dec 21, 2020

    • atomic-threat-coverage

      Public
      Actionable analytics designed to combat threats
      Python
      Apache License 2.0
      157000Updated Dec 16, 2020Dec 16, 2020

    • goalert

      Public
      Open source on-call scheduling, automated escalations, and notifications so you never miss a critical alert
      Go
      Other
      238000Updated Dec 8, 2020Dec 8, 2020

    • oncall

      Public
      Oncall is a calendar tool designed for scheduling and managing on-call shifts. It can be used as source of dynamic ownership info for paging systems like http://iris.claims.
      Python
      BSD 2-Clause "Simplified" License
      230000Updated Dec 7, 2020Dec 7, 2020

    • iris

      Public
      Iris is a highly configurable and flexible service for paging and messaging.
      Python
      BSD 2-Clause "Simplified" License
      139000Updated Dec 2, 2020Dec 2, 2020

    • arkime

      Public
      Arkime (formerly Moloch) is an open source, large scale, full packet capturing, indexing, and database system.
      C
      Other
      1k000Updated Nov 19, 2020Nov 19, 2020

    • cloudmapper

      Public
      CloudMapper helps you analyze your Amazon Web Services (AWS) environments.
      JavaScript
      BSD 3-Clause "New" or "Revised" License
      804000Updated Oct 5, 2020Oct 5, 2020

    • ScoutSuite

      Public
      Multi-Cloud Security Auditing Tool
      Python
      GNU General Public License v2.0
      1.1k000Updated Oct 3, 2020Oct 3, 2020

    • pacu

      Public
      The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
      Python
      BSD 3-Clause "New" or "Revised" License
      691000Updated Sep 30, 2020Sep 30, 2020

    • cloudsploit

      Public
      Cloud Security Posture Management (CSPM)
      JavaScript
      GNU General Public License v3.0
      668000Updated Sep 23, 2020Sep 23, 2020

    • Aurora-Incident-Response

      Public
      Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
      JavaScript
      Apache License 2.0
      81000Updated Sep 21, 2020Sep 21, 2020

    • Empire

      Public
      Empire is a PowerShell and Python 3.x post-exploitation framework.
      PowerShell
      BSD 3-Clause "New" or "Revised" License
      2.8k000Updated Sep 20, 2020Sep 20, 2020

    • jok3r

      Public
      Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework
      HTML
      Other
      250000Updated Sep 20, 2020Sep 20, 2020