This is your work, valued

New York, NY

Ismael Valenzuela

Elite
@aboutsecurity

VP Labs, Threat Research & Intelligence at Arctic Wolf, GSE #132, SANS Author & Senior Instructor, Creator of Think Red. ActBlue. Founder of The Monday Brief

blueteam_homelabs. Great List of Resources to Build an Enterprise Grade Home Lab

937

rastrea2r. Collecting & Hunting for IOCs with gusto and style

118

Bro-samples. Network Forensics Bro scripts & pcap samples

63

jupyter-notebooks. My Jupyter Notebooks

37

Talks-and-Presentations. Slides and Other Resources from my latest Talks and Presentations

24

Audit_Host-Baseline. A set of Bash scripts that allows you to repeatably collect and compare baseline audit data from Linux and Windows systems

20

malware-samples. Source code, or code snippets of samples found while doing research, when available (no binaries).

8

container-attack-navigator. MITRE ATT&CK Navigator in a Docker Container

6

ThreatHunter-Playbook. A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.

5

BAYA. Automated Extraction & Analysis of Valuable Security Data Elements

5

attack-navigator-4.1. MITRE ATT&CK Navigator 4.1

5

Incident-Response. PowerShell

5

IR-Scripts. A set of scripts useful in Incident Response

4

theZoo. A repository of LIVE malwares for your own joy and pleasure

4

TheHiveDocs. Documentation of TheHive

3

rsac2025. AI, Automation, & Threat Modeling: Lessons Learned from Hacking the Planet​

3

Hacme-Dogs. Learn basic fuzzing and explotation techniques with a simple network listener vulnerable to a stack based overflow written in C

3

bro-scripts. Various Zeek (Bro) NSM scripts

3

CyLR. CyLR - Live Response Collection Tool

2

maltrail. Malicious traffic detection system

2

FIR. Fast Incident Response

2

passivedns. A network sniffer that logs all DNS server replies for use in a passive DNS setup

1

sysmon-config. Sysmon configuration file template with default high-quality event tracing

1

ip-reputation. Python

1

Incident-Playbook. GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]

1

tyrellgrid. Enter the Tyrell Grid

1

SiteParser. Proof of concept tool to get JavaScript and analyze it for evil

1

OpenCNA. OpenCNA (Collection & Normalization & Analysis)

1

dettect. DeTTECT Dockerfile

1

nishang. Nishang - PowerShell for penetration testing and offensive security.

1