Repositories list

• Detection-and-Hunting-Queries

  Public

  NVISOsecurity/Detection-and-Hunting-Queries’s past year of commit activity
  This repository contains detection and threat hunting queries created by NVISO’s CSIRT and SOC teams.

  queriessentinelcybersecurity+ 11

  queriessentinelcybersecuritythreat-huntingthreat-detectionkustokqldetection-engineeringdetectionskusto-language+ 4

  MIT License

  •00 forks•1717 stars•00 issues•00 pull requests•Updated May 14, 2026May 14, 2026

• disable-flutter-tls-verification

  Public
  A Frida script that disables Flutter's TLS verification

  C++

  •9797 forks•622622 stars•22 issues•00 pull requests•Updated May 4, 2026May 4, 2026

• IOXY

  Public
  MQTT intercepting proxy

  Go

  •

  GNU General Public License v3.0

  •2222 forks•142142 stars•55 issues•33 pull requests•Updated Dec 5, 2025Dec 5, 2025

• cortex.xsoar

  Public

  NVISOsecurity/cortex.xsoar’s past year of commit activity
  The cortex.xsoar collection includes Ansible modules to help automate the management of Palo Alto Cortex XSOAR.

  ansiblecortexdemisto+ 1

  ansiblecortexdemistoxsoar

  Python

  •

  GNU General Public License v3.0

  •77 forks•66 stars•00 issues•11 pull request•Updated Aug 5, 2025Aug 5, 2025

• nviso-cti

  Public

  NVISOsecurity/nviso-cti’s past year of commit activity
  YARA

  •55 forks•4444 stars•00 issues•11 pull request•Updated Jul 11, 2025Jul 11, 2025

• AlwaysTrustUserCerts

  Public
  A Magisk/KernelSU module that automatically adds user certificates to the system root CA store

  Shell

  •261261 forks•2.5k2.5k stars•1010 issues•00 pull requests•Updated Jun 24, 2025Jun 24, 2025

• KNOCKOUT

  Public

  NVISOsecurity/KNOCKOUT’s past year of commit activity
  The tool KNOCKOUT streamlines the collection and aggregation of incident response artifacts from multiple sources, significantly saving time during critical ini…

  incident-responseartifactsred-teaming+ 1

  incident-responseartifactsred-teamingnviso-ares

  C#

  •

  MIT License

  •22 forks•77 stars•00 issues•00 pull requests•Updated Apr 15, 2025Apr 15, 2025

• cs2br-bof

  Public
  Run Cobalt Strike BOFs in Brute Ratel C4!

  offensive-securityred-teamnviso-ares

  offensive-securityred-teamnviso-ares

  C

  •

  BSD 3-Clause "New" or "Revised" License

  •1717 forks•8888 stars•00 issues•00 pull requests•Updated Apr 15, 2025Apr 15, 2025

• codasm

  Public

  NVISOsecurity/codasm’s past year of commit activity
  Payload encoding utility to effectively lower payload entropy.

  shellcodepayloadoffensive-security+ 2

  shellcodepayloadoffensive-securityred-teamnviso-ares

  Python

  •

  MIT License

  •2020 forks•130130 stars•00 issues•00 pull requests•Updated Apr 15, 2025Apr 15, 2025

• osquery-discord-notifier

  Public
  Monitor osquery logs and use an LLM to provide concise, user-friendly summaries of new events directly in Discord.

  Python

  •

  GNU General Public License v3.0

  •11 fork•66 stars•00 issues•00 pull requests•Updated Apr 9, 2025Apr 9, 2025

• sans-webinar-robocop

  Public
  This repository contains the demo code for the webcast organized by SANS titled "From Playbooks to Robocop: The Evolution of SOC Automation".

  agentaisans+ 2

  agentaisanswebcastautogen

  Python

  •22 forks•99 stars•00 issues•00 pull requests•Updated Mar 27, 2025Mar 27, 2025

• blogposts

  Public
  A repo to house files for our blogposts on blog.nviso.eu

  C++

  •1717 forks•7575 stars•00 issues•00 pull requests•Updated Mar 13, 2025Mar 13, 2025

• BitSight-Automation-Tool

  Public
  BitSight Automation was developed to automate certain manual procedures and extract information such as ratings, assets, findings, etc. This tool also provides …

  Python

  •

  GNU General Public License v3.0

  •00 forks•1010 stars•00 issues•11 pull request•Updated May 21, 2024May 21, 2024

• cyber-security-llm-agents

  Public
  A collection of agents that use Large Language Models (LLMs) to perform tasks common on our day to day jobs in cyber security.

  aicybersecurityinfosec+ 3

  aicybersecurityinfosecadversary-emulationcalderallm

  Jupyter Notebook

  •6969 forks•359359 stars•11 issue•11 pull request•Updated May 7, 2024May 7, 2024

• posh-dsc-windows-hardening

  Public
  Windows OS Hardening with PowerShell DSC

  windowspowershell-dsccis-benchmark

  windowspowershell-dsccis-benchmark

  PowerShell

  •

  GNU General Public License v3.0

  •113113 forks•289289 stars•1717 issues•22 pull requests•Updated Nov 23, 2023Nov 23, 2023

• caldera

  Public archive
  An automated adversary emulation system

  Python

  •

  Apache License 2.0

  •1.3k1.3k forks•33 stars•00 issues•88 pull requests•Updated Aug 1, 2023Aug 1, 2023

• sigma-public

  Public archive
  Generic Signature Format for SIEM Systems

  Python

  •2.6k2.6k forks•1818 stars•00 issues•44 pull requests•Updated Jul 25, 2023Jul 25, 2023

• brown-bags

  Public
  C#

  •2525 forks•112112 stars•11 issue•22 pull requests•Updated Jul 24, 2023Jul 24, 2023

• velociraptor

  Public archive
  Digging Deeper....

  Go

  •

  Other

  •616616 forks•11 star•00 issues•33 pull requests•Updated Jul 20, 2023Jul 20, 2023

• public-static-assets

  Public
  Images & other assets we want to statically include in documentation

  00 forks•00 stars•00 issues•00 pull requests•Updated Jun 30, 2023Jun 30, 2023

• pyCobaltHound

  Public
  pyCobaltHound is an Aggressor script extension for Cobalt Strike which aims to provide a deep integration between Cobalt Strike and Bloodhound.

  Python

  •

  GNU General Public License v3.0

  •1919 forks•135135 stars•00 issues•11 pull request•Updated May 25, 2023May 25, 2023

• BlobRunner

  Public
  Quickly debug shellcode extracted during malware analysis

  C

  •

  MIT License

  •8787 forks•44 stars•00 issues•00 pull requests•Updated May 23, 2023May 23, 2023

• ee-outliers

  Public archive
  Open-source framework to detect outliers in Elasticsearch events

  machine-learningstatisticsml+ 11

  machine-learningstatisticsmlstatistical-analysisoutliersoutlier-detectionthreat-huntingsiemnetsecanomaly-detection+ 4

  Python

  •

  GNU General Public License v3.0

  •3333 forks•204204 stars•2929 issues•44 pull requests•Updated May 22, 2023May 22, 2023

• flare

  Public
  An analytical framework for network traffic and behavioral analytics

  Python

  •

  MIT License

  •8888 forks•33 stars•00 issues•11 pull request•Updated May 22, 2023May 22, 2023

• frida-ios-playground

  Public
  An iOS app that lets you practice your Frida skills

  Swift

  •2323 forks•198198 stars•11 issue•00 pull requests•Updated Apr 20, 2023Apr 20, 2023

• CobaltWhispers

  Public
  CobaltWhispers is an aggressor script that utilizes a collection of Beacon Object Files (BOF) for Cobalt Strike to perform process injection, persistence and mo…

  C

  •

  MIT License

  •3535 forks•241241 stars•11 issue•00 pull requests•Updated Jan 4, 2023Jan 4, 2023

• SEC599-Resources

  Public
  11 fork•2323 stars•00 issues•00 pull requests•Updated Jan 2, 2023Jan 2, 2023

• Interceptor

  Public
  Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space

  C++

  •

  GNU General Public License v3.0

  •1919 forks•135135 stars•00 issues•00 pull requests•Updated Jan 2, 2023Jan 2, 2023

• Remote-Acquisition-and-Response

  Public archive
  Repository with files for remote acquisition of files / artifacts

  PowerShell

  •

  GNU General Public License v3.0

  •11 fork•11 star•00 issues•00 pull requests•Updated Oct 5, 2022Oct 5, 2022

• assemblyline-service-autoit-ripper

  Public archive
  AutoIt unpacker service

  Python

  •

  MIT License

  •11 fork•11 star•00 issues•00 pull requests•Updated Sep 19, 2022Sep 19, 2022