Hi there 👋 here is an overview of my OSS.

About Me:

  • 🔭 I’m currently working on offensive modules for Quasar Rat (CSharp)
  • 🌱 I’m currently learning predictive search techniques (Python)
  • 👯 I’m looking to collaborate on anything fun/new/cool
  • 📫 How to reach me: [email protected]
  • ⚡ Fun fact: I'll get back to you on this one.....

⚡ Cyber Security Research & Tools

Over the years I have worked on various projects ranging from small research projects to team-based projects in support of OSS. The following work spans over 10 years of OSS development, training, and research. Most of the code is research for other operational projects for cyber threat hunting, red teaming, pentesting, and IR.

🌱 Courses Authored

  • SOC Immersion Training (SIT) - (2018) Co-Author, SIT is designed for intermediate-level cybersecurity and hunt team analysts to increase their functional knowledge of analytical thinking and concepts. By using demonstrated real-world attack methodologies in a step-by-step manner, SIT provides analysts with an in-depth understanding of how to analyze attack TTPs and the ability to construct complex IOCs derived from environment-specific threats and constraints.

💬 Conference Talks & Research

Red Team Infrastructure
Cyber Security Scripts/Tools
  • BRO - Network Security Monitoring - Collection of Bro and bash scripts that, when run from the same directory on a Linux distro with Bro installed, will pull information such as active HTTP conns, FTP conns, DNS requests/responses, and a live (-20 seconds) feed for files transmitted. It also carves the various types of files at the same time. They can be run against Snort logs or pcaps.
  • NodeHunter - Python wrapper around NMAP api to perform quick and dirty node and service discovery and enumeration.
  • CS-Beacon-Detector - (2015) Custom sniffer that was designed to work against Cobalt Strike DNS beacons. It listens for DNS beacons and analyzes the URL, request, and multiple specific fields within the payload. It performs some correlation to determine the validity of requests and replies.
  • DNShunter - DNShunter is a Python-based module that is written for a Hunt Framework & custom Linux distro built for hunt operations. Currently it reads in .pcap files and extracts the DNS queries and answers. In addition to extracting the queries & answers, it also performs a geo-lookup of the domains & the associated IPs.
  • S3 - Splunk Sexy Six - Open Source Windows Security Event Log Correlation and Analysis Tool
  • VDNS - VDNS is a Python application that parses Bro's dns.log file and ingests the results into the neo4j database for visual analysis
  • OFF-ToolKit - Project created to gather host based forensic data to later use during an offensive engagement
  • NetInfo - Quick and dirty python script to gather network information from windows registry.

Popular repositories

  1. Bro-NetworkSecurityMonitoring (Public)

    collection of bro and bash scripts that when run from the same directory on Linux distro with bro installed, will pull information such as active HTTP conns, FTP conns, etc. It also carves various …

    Shell 12 6

  2. NodeHunter (Public)

    Python Module that uses the NMAP api to enumerate a network and its hosts.

    Python 10 3

  3. CS-Beacon-Detector (Public)

    Custom Sniffer that listens for DNS beacons and analyzes the validity of alerts

    Python 7 6

  4. DNShunter (Public)

    DNShunter is a python based module that is written for MercenaryHuntFramework & Mercenary-Linux. Currently it reads in .pcap files and extracts the DNS Queries and Answers. In addition to extractin…

    Python 6 4

  5. simpleNMAP (Public)

    quick and dirty menu for NMAP

    Python 5 3

  6. Registry_Enumerator (Public)

    Package of Modules that Enumerate Windows Registry (x86 & 64) Win7,8,8.1,10. outputs into xml document.

    Python 5 3