Gavin Knapp's Projects
Small and highly portable detection tests based on MITRE's ATT&CK.
Cloud-native SIEM for intelligent security analytics for your entire enterprise.
Collection of Cyber Threat Intelligence sources from the deep and dark web
Repo with scripts to query the VirusTotal (VT) API via PowerShell
Repo to hold useful DFIR scripts
Just a simple PowerShell Enumeration Script
Fitness and Nutrition Programs
KQL Queries. Defender for Endpoint and Azure Sentinel hunting and detection queries in KQL. Out-of-the-box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
IOC lists used for external lookups
Cyber Defence related Kusto queries for use in Azure Sentinel and Defender Advanced Hunting
Config files for my GitHub profile.
Microsoft Sentinel Content
Aims to improve the overall security of the Windows logon process by adding two-factor authentication (2FA). Uses multiOTP as the authentication endpoint.
Notion as a platform for offensive operations
Rough blogs covering Cyber Defence tradecraft.
Main Rule Repository - Used by GK for SIGMA submissions
Repo for YARA rules written by me and other third-party rules I find useful