UniGetUI: The Graphical Interface for your package managers. Could be terribly described as a package manager manager to manage your package managers

The open-source solution to building, maintaining, and collaborating on GraphQL Federation at Scale. The alternative to Apollo Studio and GraphOS.

Policy Module for Microsoft Active Directory Certificate Services

Open source templates you can use to bootstrap your security programs

Utilities for Sysmon

Radius client for .Net (Net Standard)

A library for creating secure Windows Credential Providers in .NET

The Github project for The Defender's Guide by Luke Paine and Jonathan Johnson

Centralized detection of Golden Tickets via anomalous kerberos tickets detection AFTER resetting the krbtgt password TWICE. No Dependencies/modules. Requires Event Log Readers or equivalent

Invoke-ArgFuscator is an open-source, cross-platform PowerShell module that helps generate obfuscated command-lines for common system-native executables.

FileCache is a concrete implementation of the .Net Framework 4's System.Runtime.Caching.ObjectCache that uses the local filesystem as the target location.

A security analysis tool that identifies DNS queries made by browser extensions, empowering security teams to detect and investigate suspicious activities.

Welcome to the SEKOIA.IO Community repository!

Simplify installing Caldera

A web honeypot library to create vulnerable-looking endpoints to detect and mislead attackers

Rules engine for .NET, based on the Rete matching algorithm, with internal DSL in C#.

A tiny tool built to find and fix common misconfigurations in Active Directory-integrated DNS

C# implementation of a Rope<T> immutable data structure.

🧰 ESXi Testing Tookit is a command-line utility designed to help security teams test ESXi detections.

PassFiltEx. An Active Directory Password Filter.

A pause button that pauses the unpausable. Handy for video game cut scenes especially, but can be used for any application, not just games.

AppContainer tools for launching sandboxed win32 apps, changing ACL permissions and learning from ETW traces.

Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.

a tiny program to consume from ETW providers for research

Command line tracing tool for Windows, based on ETW.

Mapping of open-source detection rules and atomic tests.

c++ library for binary fuse filters, including a sharded filter